Run Windows Agent through the Microsoft System Center as a Task Sequence
To run the Software Vulnerability Research Agent from the Microsoft System Center as a scheduled task, see the steps below. No agents will be installed, and you will only need to maintain one agent binary. To stagger the scanning of multiple machines within a system, see Randomize the Agent Scan Schedule.
| • | Running the Vulnerable Software Discovery Tool Inside an SCCM Package |
| • | Creating the Initial Scan and Weekly Reoccurring Scan |
Running the Vulnerable Software Discovery Tool Inside an SCCM Package
To run the Vulnerable Software Discovery Tool inside an SCCM package, perform the following steps.
To run the Vulnerable Software Discovery Tool inside an SCCM package:
| 1. | Open the Software Vulnerability Research console. From Settings > Assessment > Downloads, download the latest SVRScan.exe file and place it into a deployment share. |
Note:Make sure to right click on the .exe in the deployment share to “Unblock” it. Click Apply > OK.
| 2. | Launch the ConfigMgr console. Select Software Library > Application Management > Packages. |
| 3. | From the ribbon, click Create Package. |
| 4. | Complete the package information and click Next. |
| 5. | On the Program Type page, ensure Standard Program is selected and click Next. |
| 6. | On the Standard Program page, configure the following settings and click Next. |
|
Setting |
Description |
|
Name |
Enter SVM Vulnerable Software Discovery Tool. |
|
Command Line |
Enter the following: SVMScan.exe -c - v -d c:\windows\temp\svmscan.log This command line creates a scan log file up to 16 MB in size. |
|
Run |
Set to Hidden. |
|
Program can run |
Select Whether or not a user is logged on. |
| 7. | On the Requirements page, complete the requirements as shown below and click Next. |
| 8. | Finish the wizard. |
| 9. | Distribute the package to all Distribution Points or groups using the Distribute Content feature. |
Creating the Initial Scan and Weekly Reoccurring Scan
To create the initial scan and the weekly reoccurring scan, perform the following steps.
To create the initial scan and the weekly reoccurring scan:
| 1. | Select the Package and click Deploy on the ribbon. |
| 2. | On the General page, select the target collection and click Next. |
| 3. | On the Content page, verify that the content is distributed and click Next. |
| 4. | On the Deployment Settings page, ensure the purpose is Required and click Next. |
| 5. | On the Scheduling page, in the Assignment schedule click New. Schedule a scan for as soon as possible and create a weekly scanning schedule. Also configure the Rerun behavior deployment to Always rerun program. |
Tip:For larger environments, it is recommended to spread out the execution schedule of the scan package to avoid spikes of network traffic.
| 6. | On the user Experience page, click Next. |
| 7. | On the user Distribution Points page, select Download content, and click Next. |
| 8. | Finish the wizard. |
You can now monitor the scanning results from the Software Vulnerability Research console. To stagger the scanning of multiple machines within a system, see Randomize the Agent Scan Schedule.