Run Windows Agent through the Microsoft System Center as a Task Sequence
To run the Software Vulnerability Research Agent from the Microsoft System Center as a scheduled task, see the steps below. No agents will be installed, and you will only need to maintain one agent binary. To stagger the scanning of multiple machines within a system, see Randomize the Agent Scan Schedule.
To run the Vulnerable Software Discovery Tool inside an SCCM package:
|
1.
|
Open the Software Vulnerability Research console. From Settings > Assessment > Downloads, download the latest SVRScan.exe file and place it into a deployment share. |
Note • Make sure to right click on the .exe in the deployment share to “Unblock” it. Click Apply > OK.
|
2.
|
Launch the ConfigMgr console. Select Software Library > Application Management > Packages. |
|
3.
|
From the ribbon, click Create Package. |
|
4.
|
Complete the package information and click Next. |
|
5.
|
On the Program Type page, ensure Standard Program is selected and click Next. |
|
6.
|
On the Standard Program page, configure the following settings and click Next. |
|
•
|
Name: SVM Vulnerable Software Discovery Tool |
|
•
|
Command Line: SVMScan.exe -c - v -d c:\windows\temp\svmscan.log (creates a scan log file up to 16 MB in size) |
|
•
|
Program can run: Whether or not a user is logged on |
|
7.
|
On the Requirements page, complete the requirements as shown below and click Next. |
|
9.
|
Distribute the package to all Distribution Points or groups using the Distribute Content feature. |
To create the initial scan and the weekly reoccurring scan:
|
1.
|
Select the Package and click Deploy on the ribbon. |
|
2.
|
On the General page, select the target collection and click Next. |
|
3.
|
On the Content page, verify that the content is distributed and click Next. |
|
4.
|
On the Deployment Settings page, ensure the purpose is Required and click Next. |
|
5.
|
On the Scheduling page, in the Assignment schedule click New. Schedule a scan for as soon as possible and create a weekly scanning schedule. Also configure the Rerun behavior deployment to Always rerun program. |
Tip • For larger environments, it is recommended to spread out the execution schedule of the scan package to avoid spikes of network traffic.
|
6.
|
On the user Experience page, click Next. |
|
7.
|
On the user Distribution Points page, select Download content, and click Next. |
You can now monitor the scanning results from the Software Vulnerability Research console. To stagger the scanning of multiple machines within a system, see Randomize the Agent Scan Schedule.
Software Vulnerability Research
Current
Open topic with navigation