Security and Privacy for Queries in Configuration Manager


Updated: May 14, 2015

Applies To: System Center 2012 Configuration Manager, System Center 2012 Configuration Manager SP1, System Center 2012 Configuration Manager SP2, System Center 2012 R2 Configuration Manager, System Center 2012 R2 Configuration Manager SP1

Queries in Configuration Manager let you retrieve information from the site database based on the criteria that you specify. Configuration Manager collects the site database information during standard operation. For example, by using information that has been collected from discovery or inventory, you can configure a query to identify devices that meet specified criteria.

For more information about queries, see Introduction to Queries in Configuration Manager. For more information about any security best practices and privacy information for Configuration Manager operations that collect the information that you can retrieve by using queries, see Security Best Practices and Privacy Information for Configuration Manager.

Security Best Practices for Queries

Use the following security best practice for queries.

Security best practice

More information

When you export or import a query that is saved to a network location, secure the location and secure the network channel.

Restrict who can access the network folder.

Use server message block (SMB) signing or Internet Protocol Security (IPsec) between the network location and the site server to prevent an attacker from tampering with the query data before it is imported.