What You Need to Know About Microsoft Systems Management Server 2003

In late 2003, Microsoft delivered a long-awaited major update to its software deployment, inventory tracking, and remote-troubleshooting server product, Microsoft Systems Management Server (SMS) 2003. SMS is an excellent way to manage the deployment of security patches to users' desktops, and the company has updated this version to better support roaming and remote users. SMS 2003 forms the basis for Microsoft's Change and Configuration Management (CCM) strategy. Here's what you need to know about SMS 2003.

What's New in SMS 2003
SMS 2003 addresses several common CCM concerns, including managing computers and users who roam between different computers on a network or who work remotely, often over low- or poor-quality bandwidth connections. The product also tracks software deployment and use throughout your organization, helping you better plan software licensing and purchasing. To enhance computer security, SMS 2003 can monitor all the machines on your network and deploy updates to ensure that the machines are up-to-date with critical fixes, security patches, hotfixes, and other software updates.

SMS 2003 adds support for roaming and mobile users through a new Advanced Client that provides all SMS features without requiring a local server. The Advanced Client uses an HTTP-based protocol called Background Intelligent Transfer Service (BITS) to provide connectivity over intermittent or low-quality connections, including RAS dial-up and remote VPN connections. Microsoft originally developed BITS for Windows Update, and the Automatic Updates service in Windows Server 2003, Windows XP, and Windows 2000 also uses the technology. The original SMS client, now dubbed the Legacy Client, is still available for backward compatibility during migrations or for mixed environments.

Microsoft has rewritten SMS's application tracking and usage functionality to scale better on Windows 2003 systems. This change means that SMS is now more adaptable for even the largest enterprises, providing an accurate picture of your software-licensing situation at any time. The tracking feature can also give you a better idea about which users are using which software, helping you realistically determine your software-licensing requirements.

Security Features
Although Microsoft didn't originally design SMS as a platform for managing security patches, customer needs drove Microsoft to add this functionality to earlier versions through add-on packs. In SMS 2003, security patch management is now an integrated feature that can help you ensure that your systems are as up-to-date as possible, meaning you won't have to scramble when a new critical security fix suddenly appears.

SMS 2003 divides security patch management tasks into three phases. First, you perform a vulnerability assessment by installing the Security Update Inventory Tool and the Microsoft Office Inventory Tool for Updates, which are included with SMS 2003. These tools automatically create the packages, collections, and desktop-based software alerts needed to regularly run the software update scanning tools on all managed clients; SMS automatically downloads newer versions of these tools when available.

After SMS generates a set of reports about the state of your network, you can use SMS to begin the second phase—patch-deployment planning—in which you prioritize patches according to various criteria, such as patch severity or the number of machines that are affected. In the third phase, patch deployment, you use the simple Patch Distribution Wizard, which walks you through the steps for creating an ongoing patch-deployment strategy.

Unless you've already settled on a third-party CCM tool, SMS 2003 is a compelling challenger that offers some unique advantages for mobile or roaming users, especially those on low- or poor-bandwidth connections. SMS 2003's security features are another benefit, and given the current patch-management climate, moving to a system that helps automate this process is a plus. Given SMS 2003's ties to Active Directory (AD) and Microsoft's other management tools, this product is definitely one to evaluate.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.