Microsoft Endpoint Configuration Management
Microsoft Endpoint Configuration Management (MECM) is a configuration management tool for managing software and software updates across your different devices. You can bring asset, software install, and software product data from MECM into Brinqa to gain visibility into your assets and strengthen your cybersecurity posture.
This document details the information you must provide for the connector to authenticate with MECM and how to obtain that information from Microsoft. See create a data integration for step-by-step instructions on setting up the integration.
Required connection settings
When setting up a data integration, select Microsoft Endpoint Configuration Management from the Connector drop-down. If you cannot find the connector in the drop-down, make sure that you have installed it first. You must provide the following information to authenticate MECM with Brinqa:
-
Server name: Your organization's MECM SQL Server name.
-
Port: The TCP (Transmission Control Protocol) or IP port number that is used to communicate with the MECM SQL server.
Additional settings
The MECM connector contains additional options for specific configuration:
-
Database name: The MECM database name. The database name uses the following format:
CM_<SiteName>
. -
Use Windows Authentication mode: Select this option to authenticate against the SQL server using Windows authentication. This option requires specifying the domain in the Domain field.
-
Domain: If using Windows Authentication, specify the Windows domain to authenticate in.
-
User name and Password: Specify the username and password of the SQL server account, which must have permissions to log in to the database and return data.
-
advanceUri: Specify additional connection parameters or options for direct usage. For example, you might use this to configure encryption, specify the network protocol, or provide other SQL Server connection properties. For example:
-
If you want to ensure that the connection to your SQL Server is encrypted, you might specify a parameter like so:
jdbc:sqlserver://[servername]:[port];databaseName=[yourDatabaseName];encrypt=true;trustServerCertificate=true
This configuration ensures that the data transmitted between the MECM connector and the SQL Server is encrypted and that the SQL Server's SSL certificate is verified.
-
If you want to specify the number of seconds the driver waits for a SQL command to execute before timing out, the parameter might look like this:
jdbc:sqlserver://[servername]:[port];databaseName=[yourDatabaseName];queryTimeout=30;
This configuration ensures that SQL commands do not run indefinitely by preventing potential hang-ups due to long-running queries.
-
Types of data to retrieve
The MECM connector can retrieve the following types of data from your MECM SQL server:
Connector Object | Required | Maps to Data Model |
---|---|---|
Asset | Yes | Host |
Software Install | Yes | Installed Package |
Software Product | Yes | Package |
The MECM Connector does not currently support operation options for the types of data it retrieves.
For detailed steps on how to view the data retrieved from the MECM Connector in the Brinqa Platform, see How to view your data.
Attribute mappings
Expand the sections below to view the mappings between the source and the Brinqa data model attributes.
Asset
Table 2: Asset attribute mappings
Source Field Name | Maps to Attribute |
---|---|
Active directory site | Local variable |
Client type | categories |
Client version | Local variable |
CPU type | Local variable |
Creation date | sourceCreatedDate |
Decommissioned | status |
Distinguished name | Local variable |
Domain name | dnsNames, publicDnsNames, privateDnsNames |
Hardware ID | Local variable |
Hardware scan | Local variable |
Internet enabled | Local variable |
IP addresses | ipAddresses, publicIpAddress, privateIpAddress |
Last logon | lastLogin |
Last reboot | Local variable |
MAC address | macAddresses |
Name | name |
NetBIOS name | Local variable |
Obsolete | status |
Operating system | os |
OS version | currentVersion |
Portable operating system | Local variable |
Serial number | serialNumber |
Software scan | Local variable |
Status | status, sourceStatus |
Sys ID | uid |
Virtual machine | Local variable |
VM host name | hostnames |
Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.
Software Install
Table 3: Software Install attribute mappings
Source Field Name | Maps to Attribute |
---|---|
ASSET_ID | targets |
INSTALL_DATE | installDate |
LAST_DISCOVERED | lastSeen |
PRODUCT_ID | Local variable |
SYS_ID | uid |
Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.
Software Product
Table 4: Software Product attribute mappings
Source Field Name | Maps to Attribute |
---|---|
LAST_DISCOVERED | lastSeen |
NAME | name |
PUBLISHER | publisher |
SYS_ID | uid |
VERSION | currentVersion |
Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.
APIs
The MECM connector does not use any API endpoints.
Changelog
The MECM connector has undergone the following changes:
3.4.5
- No change.
3.4.4
- No change.
3.4.3
- No change.
3.4.2
- No change.
3.4.1
- No change.
3.4.0
- No change.
3.3.9
- No change.
3.3.8
- Fixed an issue where hostnames on the Asset object were incorrectly appended with a comma.
3.2.0
- Initial Integration+ release.