BOMGAR VS MS SCCM UPDATED: 2/28/2017
B O M G A R . CO M
USING MS SCCM? YOU COULD BE OPENING THE DOOR TO HACKERS
With the rise of telecommuting and Bring Your Own Device (BYOD) initiatives, workplace technology is rapidly becoming more geographically distributed and complex. IT organizations are challenged to support an array of platforms spread out across many locations, often throughout the world. Not surprisingly, as remote workers have increased, so too has the number of data breaches through point-to-point remote access tools like RDP, VNC, and SCCM. This perfect storm means now is the time to evaluate your current solution. Insecure remote access has remained one of the top methods of intrusion for several years in a row, accounting for 13 percent of breaches in 2015 according to Trustwave (see graph).
While Microsoft SCCM is effective for administration of PCs within the company LAN, it doesn’t enable ad hoc support for customers outside the network. In addition, because SCCM is designed primarily for executing administrative tasks rather than troubleshooting, its remote control toolset is not optimized for the resolution of support requests.
Remote control is only a minor feature in SCCM, and the product itself is a one of hundreds offered by Microsoft. Because of this lack of focus on the remote support field, upgrades are offered relatively infrequently and it requires software installation to enable remote control. In contrast, Bomgar’s advanced toolset is specifically designed for enterprise remote support.
PROVIDE SUPPORT ACROSS MULTIPLE PLATFORMSBomgar allows reps to provide support to and from nearly all of the leading operating systems, including Windows, Mac and Linux systems, plus iPads, iPhones, and Android devices.
In contrast, Microsoft SCCM’s remote control functionality only extends to end users running Windows. Only administrative functions can be performed on non-Windows end systems.
THE BOMGAR ADVANTAGE
Insecure remote access software and policies, at 13 percent, contributed to the largest share of compromises we investigated in 2015, followed by SQL injection and general miscon�guration issues, at 12 percent each. Together with malicious uploads (10 percent of incidents) and phishing and social engineering (8 percent), these factors accounted for more than half of the incidents investigated. The remainder included factors such as malicious insiders, weak passwords, code injection, and authentication bypass.
17%
13%
12%
12%
8%
7%
7%
7%
7%
10%
Remote Access
SQL Injection
Misconfiguration
File Upload
Phishing/Social Engineering
Malicious Insider
Code Injection
OS App Server
Weak Password
Other
METHODS OF INTRUSIONFACTORS CONTRIBUTING TO COMPROMISE
Trustwave GlobalSecurity Report
2016
HOW BOMGAR COMPARES TO MICROSOFT SCCM
BOMGARAppliance or Cloud
SCCM 2016P2P
SECURITYFirewall Compatible
Encryption
FIPS 140-2 Level 2 Validation In process 1
Session Recording
Granular Permissions
Smart Card Authentication Limited 2
Session Keys
Privacy Screen
INTEGRATIONPre-Built Service Desk & CRM Integration CRM only
Custom Integration Capability
Implementation & Training Services
Customization & Branding
Rep Console Scripts & Links
Bomgar’s secure remote support solution enables supporttechnicians to access and fix nearly any system or device.
SIMPLIFY SECURITY & COMPLIANCEBomgar enables IT organizations to keep tight control over who has access to company end systems. Deployment options range from an on premise physical appliance to a dedicated cloud appliance hosted in a secure Bomgar datacenter. Unlike SCCM, Bomgar enables:
• APPLICATION SHARING: Enable end users to restrict access to specified applications
• AUDITING: Record each session to ensure reps are following procedure
• SECURE RDP SESSIONS: Run RDP sessions through firewall-friendly architecture
COLLABORATE W/ OTHER TECHNICIANSBomgar enables reps to request help from other reps based on skillset, increasing first call resolution. And Bomgar’s Embassy technology enables collaboration with external vendors without giving the vendor full privileges. SCCM doesn’t enable collaboration or vendor access.
Vendor access management with Bomgar’s Embassy functionality
BOMGARAppliance or Cloud
SCCM 2016P2P
SUPPORT PROVIDED FROM MOBILE DEVICESiOS
Android
SUPPORT PROVIDED TO MOBILE DEVICESiOS Limited 3
Android Limited 3
Blackberry
Windows Phone Limited 3
MULTI-PLATFORM SUPPORTWindows
Mac Limited 3
Linux Limited 3
Network Devices
POS Systems
COLLABORATIONTeam Chat
Session Sharing & Transfer
Reverse Screen Sharing & Presentations
Vendor Management
Sponsored Access Escalation
Intelligent Collaboration
Multiple Languages
WEB-ENABLEDWeb Rep Console
SMS Session Start
Click-to-Chat
Closed Networks
Unattended Access Limited 4
One-Click Customer Client
Closed Networks
Command Shell
Multi-System Control
URL Push
Auto-Reconnect
Customer Portals
MANAGEABILITYSilent Monitoring of Reps
Canned Scripts
Session Queuing & Routing Limited 5
Logging & Reporting Limited 6
Identity Management LDAP, RADIUS, Kerberos Active Directory, Kerberos
Silent Monitoring of Reps
Analytics
Embedded App Support
B O M G A R . C O M
©2013 Bomgar, Inc. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are the property of their respective owners.
C O N T A C T B O M G A R [email protected] I 866.205.3650 (U.S) I +44(0) 1494 557 350 (U.K./EMEA)
JOIN OTHER ORGANIZATIONS WHO SWITCHED FROM SCCM TO BOMGAR
WHAT ARE YOU WAITING FOR?
Contact us at 877-826-6427 or [email protected] to begin a comprehensive in-house evaluation of Bomgar
and learn first-hand why so many of your peers have already made the switch.
1. Due to a recent change in NIST federal requirements, the Bomgar solution is currently in the process of re-validation
2. While SCCM enables authentication via smart card, this capability applies to end systems rather than reps
3. SCCM enables administration tasks on Mac, Linux, and mobile devices, but no remote control capabilities
4. RDP can be configured via SCCM, but no ability to run RDP sessions through the SCCM console is possible; While SCCM 2007 offered Wake-on-LAN capabilities, SCCM 2012 does not
5. Queuing in SCCM is designed systems management use cases and is not optimized for managing incoming support requests
6. SCCM has limited session reporting, but in documentation it states: “Do not consider remote control audit messages to be reliable.” [http://technet.microsoft.com/en-us/library/gg699395.aspx]