Can an EDR tool ever replace SCCM?

Nov 02, 2018 | | Security
Can Tanium replace SCCM

Many organizations today are considering an EDR tool. One question we know some are asking about Tanium is, “Will it replace SCCM?”

While you could replace SCCM with Tanium, it’s certainly not recommended. Here we will explain why:

First, let’s take a look at the major concern on everyone’s mind: security. Endpoint health affects everyone. The vulnerability net is getting larger and larger. With more endpoints added to the corporate network, the risk of having a security issue is high. Does SCCM help keep endpoints secure?

The answer is complicated- because the answer is “kind of”.

SCCM, like Tanium, relies on WMI, or Windows Management Instrumentation. WMI is the architecture embedded in Microsoft’s SCCM that allows access to data from a variety of other Microsoft offerings. So if there’s an issue with WMI, there’s an issue with SCCM and Tanium at the same time.

What about remote devices?

In today’s modern work environments, it is common to have 20% or more of your PC’s “Remote” at any given time. People are travelling with work, working from home, and may even have their laptops with them while on vacation. More and more core services are available without needing VPN connections. According to Gartner, 80% of the data consumed by your endpoints is held outside of your network.  The VPN is becoming less and less necessary for these remote workers. SCCM Cloud based Distribution Points help address this problem.

Tanium recently (September 2018) made a change to offer some support for non-VPN connected remote endpoints. However, just like with those endpoints connected to the VPN, connectivity is problematic due to the LAN-based P2P “Linear Chain” architecture of Tanium.

Any productivity loss is unacceptable.

Bandwidth to spread content across endpoints is greater than it’s ever been. But then again, there’s also more content, too.  How do Tanium and SCCM get data to endpoints over WAN without disrupting the business? With Tanium’s P2P design, it actually benefits users because the WAN bandwidth impact is minimal. But when a major security breach happens as with WannaCry or some other Zero-Day scenario, sending mass amounts of patches or deployments gets messy. In this situation, speed counts. The business can’t wait to receive the patches, it has to be immediate. Unfortunately, SCCM wasn’t exactly built for speed.

Tanium is a bit faster, but not by much. But we do know something that is fast, doesn’t clog the network or disrupt the business. You guessed it. 1E’s Tachyon.

With SCCM and the 1E solutions, you get the best of both worlds. Download the ebook – Questions industry experts are asking about Tanium to learn more.

Share this post

Share this post on your favourite social media platform.

Find this article useful?

If so please click here