Extra typically, catastrophic outages and safety compromises might be traced again to easy misconfigurations and unpatched programs. This is not to say that components like pilot error and the workings of nefarious actors should not frequent—they actually are—however IT asset misconfigurations are usually the bottom frequent denominator in most of those eventualities. That being the case, a plethora of options deal with programs administration for sustaining robust safety and high quality of service. Tanium and Microsoft System Middle Configuration Supervisor (SCCM) are two such options competing on this area.
Sadly, misconfiguration-induced outages have develop into each more and more commonplace and costly. A current report from IDC states that infrastructure downtime in giant enterprises carries on common a $100,000 per hour price ticket. Essential software failures are much more devastating to the underside line, costing between $500,000 and $1 million per hour.
Knowledge breaches are additionally on the rise and might be equally pricey and arguably extra model damaging, however all the identical—the underlying trigger is normally the reasonably unglamorous misconfiguration, versus superior strategies of highly-sophisticated cyber attackers. In response to Gartner, 99% of firewall breaches are brought on by misconfigurations. And what of unpatched software program? Common, complete patching routines are mandated by compliance measures like HIPAA and PCI DSS, for good cause: in keeping with the SANS Institute, unpatched software program is essentially the most vital cyber safety threat to companies right now. That is the place Tanium and SCCM are available—by guaranteeing that system configurations are as anticipated and obligatory patches are deployed en masse, they will forestall outages and information breaches from disrupting the enterprise.
SCCM
Beforehand often called Methods Administration Server (SMS), SCCM is Microsoft’s flagship product for programs administration. The answer permits IT directors to evaluate/replace and deploy software program on servers in bodily and digital environments, in addition to desktops and cellular gadgets. Like most Microsoft merchandise, all administration is completed visually by a single unified GUI console. Utilizing SCCM’s complete set of administrative instruments, customers can create customized software program/OS installations and configurations to be deployed throughout a number of machines or environments.
The SCCM 2012 UI. Supply: windowsitpro.com.
SCCM affords a variety of administrative instruments for managing each rudimentary and enormous, advanced IT infrastructures. For instance, directors can use it to deploy working programs and software program to greenfield environments or push patches and configurations to any variety of machines on a community. The answer additionally consists of varied security measures for monitoring anti-malware providers, reporting coverage violations, stopping/responding to breaches, and extra.
Tanium
Based by father and son duo Orion and David Hindawi in 2007, Tanium’s endpoint safety and programs administration platform options 15-second visibility/management and pure language search capabilities for querying endpoint configurations. For instance, to get all variations of the Tanium shopper working in your atmosphere, you’ll kind the next into the UI’s prominently positioned search field:
“Get Tanium Client Version from all machines”
Moreover, the answer purportedly detects safety flaws (e.g., misconfigurations, vulnerabilities) and pushes out vital patches and updates sooner than conventional shopper administration options because of its distinctive structure.
Tanium IOC Detect interface. Supply: tanium/vimeo.com.
Here is the gist: a typical client-server structure consists of one-to-one connections between endpoint parts and servers—a setup that rapidly turns into gradual and convoluted in advanced, expansive infrastructures. In distinction, Tanium’s proprietary structure makes use of so-called “linear chains” that allow adjoining endpoint brokers to speak with one another in a dynamic peer-to-peer configuration. Servers solely talk with choose brokers on the ends of those chains, permitting for vital efficiency advantages for sooner menace response and remediation.
Facet-by-Facet Scoring: SCCM vs. Tanium1. Functionality Set
SCCM and Tanium are complete platforms for managing endpoints and different IT property in an atmosphere. Each options provide a myriad of options to facilitate menace detection, vulnerability evaluation, patch administration, asset stock administration, software program distribution, and extra.
2. Ease of Use
Deploying Tanium is trivial and its SaaS-based interface make it comparatively straightforward to stand up to hurry with. That mentioned, its multitude of dashboards is usually a bit overwhelming for novice customers. As a Microsoft resolution, SCCM will really feel instantly acquainted to Home windows directors, however typically the product’s interface is just not instantly intuitive to the typical IT operator.
3. Neighborhood Assist
As a broadly used programs administration resolution for managing Home windows environments, SCCM neighborhood help sources are plentiful—each from Microsoft’s Technet boards and different third-party web sites. Tanium offers a neighborhood web site to clients that options an up to date knowledgebase and repository of help sources, however its corpus of neighborhood help sources is proscribed compared with SCCM’s.
4. Launch Price
SCCM and Tanium have undergone quite a few releases and updates over time, with 2016 being an particularly monumental 12 months for each merchandise. Tanium 7 was launched in Might and encompasses a vital transforming of its administration console and workflows. SCCM’s March 2016 launch—dubbed SCCM 1602—affords a number of recent options, together with an integration with Microsoft Intune for cellular system administration. Each Tanium and SCCM have made their launch histories/notes publicly obtainable on their web sites.
5. Pricing and Assist
Pricing for SCCM is publicly obtainable on the Microsoft web site: $3,607 and $1,323 for the datacenter and commonplace editions, respectively. Licensing is decided by variety of servers cores and legitimate for 2 years. By way of help, Microsoft’s commonplace skilled help choices can be found per incident ($499) or in 5-packs ($1999).
6. API and Extensibility
SCCM doesn’t provide a RESTful API for constructing customized functions; that mentioned, an SDK is offered for constructing scripts to automate and add options/extensions to the product. Tanium offers a REST API for its IOC Detect service and a SOAP API for integrating the Server platform with a CMDB, SIEM, or in-house software.
7. third Social gathering Integrations
Tanium’s Join resolution module allows integrations with third-party programs like SIEMs, ticketing programs, and automation instruments—with out-of-the-box connector templates for ArcSight, LogRhythm, Splunk, and others. SCCM integrates nicely with different Microsoft merchandise, with different integrations obtainable by third-party distributors: Dell Replace Instruments, Secunia Vulnerability Scanning, and Coretek, to call a couple of.
8. Corporations that Use It
Tanium’s buyer base consists of lots of the world’s main enterprises and organizations: Amazon, Nasdaq, JPMorgan Chase, Amazon, US Financial institution, MetLife, eBay, Verizon, and the US Division of Protection, to call a couple of. SCCM’s dominance on this area is undisputed—Gartner just lately named Microsoft because the market share chief within the shopper administration software market.
9. Studying Curve
Tanium has gone to nice lengths to enhance its ease-of-use; that mentioned, the product might nonetheless really feel difficult for novice and intermediate-level IT directors. And regardless of positioning itself because the “Google of Enterprise IT,” the answer has a reasonable studying curve for gaining proficiency with its totally different queries and instructions. Nevertheless, this pales compared to SCCM’s notoriously steep studying curve.
10. Safety Score
Microsoft’s SCMM scores a safety score of 941/950 whereas Tanium scores decrease at 741 because of a myriad of safety points.
Scoreboard and Abstract
SCCM
Tanium
Functionality set
4/5
4/5
Ease of use
3/5
4/5
Neighborhood help
5/5
4/5
Launch charge
5/5
5/5
Pricing and help
4/5
3/5
API and extensibility
3/5
4/5
third occasion integrations
3/5
4/5
Corporations that use it
5/5
5/5
Studying curve
2/5
4/5
Safety score
941
741
Whole
3.9/5
4.1/5
In brief, each SCCM and Tanium are enterprise-level options that require vital time, experience, and budgetary funding to correctly deploy and handle. For Home windows-based environments, SCCM is laborious to beat, whereas organizations with heterogeneous infrastructures might profit extra from the Tanium providing. Many giant enterprises have chosen to combine the 2 platforms collectively for higher protection and resilience—that is actually a really perfect setup, albeit solely possible for essentially the most deep-pocketed of organizations.
