Device Security
Integrate Device Security with Microsoft SCCM
Table of Contents
Expand All
|
Collapse All
Device Security Docs
-
-
- Firewall Deployment Options for Device Security
- Use a Tap Interface for DHCP Visibility
- Use a Virtual Wire Interface for DHCP Visibility
- Use SNMP Network Discovery to Learn about Devices from Switches
- Use Network Discovery Polling to Discover Devices
- Use ERSPAN to Send Mirrored Traffic through GRE Tunnels
- Use DHCP Server Logs to Increase Device Visibility
- Control Allowed Traffic for Onboarding Devices
- Support Isolated Network Segments
Integrate Device Security with Microsoft SCCM
Integrate with Microsoft SCCM to import device attributes
into the Device Security inventory.
Where Can I Use This? | What Do I Need? |
---|---|
|
One of the following subscriptions:
One of the following Cortex XSOAR setups:
|
Microsoft System Center Configuration Manager (SCCM)
is a suite of management solutions for user and device management.
By integrating it with Device Security, you can import device attributes
from SCCM into Device Security for devices in its inventory.

Import the following device attributes from SCCM for devices
in the Device Security inventory:
- MAC address (Device Security links data from SCCM to devices by MAC address.)
- IP address
- Serial number
- Model
- Vendor
- Disk encryption status
- Windows installed patches
- Windows unique identifier
- SCCM site name
- SCCM domain name
The attributes that Device Security imports from SCCM are supplementary.
If Device Security has already discovered values for the IP address,
serial number, model, and vendor of a device, it doesn’t overwrite
them with values from SCCM. It only imports attributes for fields
for which it doesn’t yet have a value. You can see the IP address,
serial number, vendor, and model on the Devices page and all imported
attributes on the Device Details page.

Device Security can import device attributes from the SCCM SQL server
for one or more SQL databases, which is sometimes necessary for
large deployments spanning multiple locations. In these cases, you
create one Cortex XSOAR integration instance and job for each database.
Integrating with Microsoft SCCM requires either a
full-featured Cortex XSOAR server
or the activation of a Device Security
free cohosted Cortex XSOAR instance.