< Blog

How to Install Vulnerability Assessment Configuration Pack

By Garth Jones

Security is one of the most important concerns for any company, but auditing the security of 100 computers is a huge task, let alone 10,000 computers. This is where System Center Configuration Manager (ConfigMgr) comes into play.

ConfigMgr allows you to write a Configuration Item (CI) for each item you want to check. You then can bundle multiple CIs into a Configuration Baseline (CB) which is deployed to a collection of computers, but who wants to try and write a pile of CIs? Do you even know what to track?

Lucky for you Microsoft recently released its Vulnerability Assessment Configuration Pack. What is it? To quote the download link, “Configuration Manager Vulnerability Assessment allows to scan managed systems for common missing security updates and misconfigurations which might make client computers more vulnerable to attack.”

With a small amount of work you can check your vulnerability assessment without ever leaving your office!

1. Start by downloading the Vulnerability Assessment Configuration Pack.

How to install Vulnerability Assessment Configuration Pack-Step 2

2. Click Next.

How to install Vulnerability Assessment Configuration Pack-Step 3

3. Select I accept… and then click Next.

How to install Vulnerability Assessment Configuration Pack-Step 4

4. Click Next.

How to install Vulnerability Assessment Configuration Pack-Step 5

5. Click Install.

How to install Vulnerability Assessment Configuration Pack-Step 6

6. Click Finish.

7. Next open the ConfigMgr Console.

How to install Vulnerability Assessment Configuration Pack-Step 8

8. Ensure that your PowerShell execution policy is set to Bypass as it is above.

How to install Vulnerability Assessment Configuration Pack-Step 9

9. Navigate to Assets and Compliance / Compliance Settings / Configuration Baselines, right-click and select Import Configuration Data.

How to install Vulnerability Assessment Configuration Pack-Step 10

10. Click on the Add… button.

How to install Vulnerability Assessment Configuration Pack-Step 11

11. Locate the VACP.cab file, select it and then click Open.

How to install Vulnerability Assessment Configuration Pack-Step 12

12. Click Next.

How to install Vulnerability Assessment Configuration Pack-Step 13

13. Click Next.

How to install Vulnerability Assessment Configuration Pack-Step 14

14. Click Close.

How to install Vulnerability Assessment Configuration Pack-Step 15

15. Right click on the first baseline (Vulnerability Assessment: IIS Baseline) and click Deploy.

How to install Vulnerability Assessment Configuration Pack-Step 16

16. Highlight and click the add button for Vulnerability Assessment: SQL Server Baseline and Vulnerability Assessment: Windows Baseline.

How to install Vulnerability Assessment Configuration Pack-Step 17

17. Using the Browse button select the collection you wish to deploy before clicking the OK button to complete the Wizard.

With that last step you are done!