UPDATE:
Our Intune publishing capability is now live.
Click here for more about our plans to improve and enhance this capability!
Original article...
Software Vulnerability Manager, in its next release scheduled for the week of December 14th, will introduce the ability to integrate with Microsoft Intune. This integration will enable you to publish both, Flexera Software Package System and Vendor Patch Module patches to Intune. All the update packages created in SVM (MSI and EXE) will first be wrapped into Intune’s native format, intunewin, and then published to Intune. Here is a sneak peak of how this much anticipated integration is shaping up for release planned before year’s end.
Connection to Microsoft Intune
One of tools in SVM Client toolkit is SVM Patch Configuration (aka Patch Daemon). The SVM Patch Configuration tool lets you setup connection between the SVM server and external deployment systems. The deployment system that is currently supported is Windows Server Update Services (WSUS) and it is being enhanced to support Microsoft Intune as well. The tool will provide various configuration settings to establish a connection between SVM and Intune. A prerequisite to setup this connection is to register SVM in Intune. During the registration process configuration settings like Client Id and Client Secret can be obtained from Intune.
You will be able to choose one of the following two ways to publish patches from SVM to Intune: Automated publishing and manual (individual) publishing of patches.
Automatic publishing of patches to Microsoft Intune
In SVM, you can subscribe your desired patches either in Flexera Software Package System (SPS) or Vendor Patch Module (VPM) for automatic publishing. The Patch Configuration tool monitors when a new version of the installer is available, based on your subscription. When configured, SVM will grab each new version and publish it to the connected deployment system automatically (considering optional filters if specified). There will be no change in the way you subscribe to the packages today. However, along with new connection settings for Intune, another new setting will be introduced in the Patch Configuration tool where you may specify your preferred deployment system. To leverage Intune for automated publishing of patches, you need only specify the configuration settings required for Intune connection and set Intune as your preferred deployment system. When a new version of the application is available, the Patch Configuration tool will publish it to Intune automatically.
Manual publishing of packages to Microsoft Intune
In the Create Update Package wizard, on Step 4, a new option will be introduced to publish the newly created package through this wizard, to Intune. There will be no change in the way you create a single update package today for publishing to WSUS. However, there will be a change in the way how this newly created update package will be published to Intune. Upon successfully completing the wizard to create an update package to publish to Intune, this new package will appear in the Subscription Status view under the Patching menu. The Patch Configuration tool during its next check-in time will pick this new package and publish it to Intune. Along with the automatic publishing of packages, the Patch Configuration tool will also take care of the manual publishing of the packages. This approach will take SVM an important step forward in efforts to eliminate the requirement of ActiveX and Internet Explorer as a dependency in the future.
Support for Microsoft Intune in SVM has been a top requests from our customers. We would love to hear feedback. Please use the comment section below to share your thoughts or a private message to request a one on one session where we can engage in a discussion.
Important Note: This functionality is still under implementation. While there is possibility that some of the options/settings could be named differently or placed differently in the final product, the functionality will remain unchanged.
