SCCM Remote Updates/Deployments

alfano06 41 Reputation points
2020-10-15T17:29:28.123+00:00

Hello,

I am looking to accomplish pushout out Software Updates, Application Deployments, and Windows 10 Servicing to endpoints that rarely connect to our VPN.

My current environment is roughly 400 devices including servers that are on prem.

I have many end users who will never need to connect to the VPN to get company resources, so this makes utilizing SCCM very difficult to reach these devices.

I have a current project ongoing right now with a vendor and want to see if we are heading in the right direction or if we're not.

They are helping me configure Co-Management/Azure Hybrid Joined devices, and while I know Intune can handle this I don't feel we're ready to utilize Intune for this.

My goal is that I want devices to check into SCCM regardless if they are connected to the VPN or not. If they are in house I want them receiving the Updates/Applications from on prem, and if they are not connected to the VPN I want to be able to manage these devices. I want SCCM to do ALL the lifting here, so that devices follow my ADR's deployment windows and such.

Should I be looking to change the direction of my project to one of the following?

  • Stand up a server in the DMZ for a remote DP these devices would communicate with
  • Cloud Management Gateway
  • Stick with Intune/Azure Hybrid joined
Microsoft Configuration Manager
0 comments No comments
{count} votes

Accepted answer
  1. Jason Sandys 31,291 Reputation points Microsoft Employee
    2020-10-15T19:42:30.453+00:00

    Co-management is an excellent choice but not for this issue as co-management is not* a solution for remote management. Remote management is addressed in ConfigMgr using a CMG (or IBCM).

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
  1. Rahul Jindal [MVP] 9,966 Reputation points MVP
    2020-10-15T20:18:40.747+00:00

    CMG is the right option here. Doesn’t require any additional infra and at the same time you are taking a step towards extending your existing ConfigMgr infrastructure to use cloud services.

    1 person found this answer helpful.
    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.