MECM/SCCM

With the end of life of Ivanti DSM, organizations must urgently address the replacement.
SOFTTAILOR is a partner of Microsoft (Intune, SCCM), Baramundi and Ivanti and helps you migrate from Ivanti to Microsoft or Baramundi.

Microsoft Configuration Manager zeigt 'Device Collections' mit Gerätesammlungen wie 'All Client Systems', Mitgliederanzahl und weiteren Details an.
What is Microsoft Endpoint Configuration Manager?

that Powerhouse for endpoint management On-premise and in the cloud

The Microsoft Endpoint Configuration Manager (MECM) — also known as SCCM — is the on-premise standard for the deployment and security of devices and applications. Continuously developed since the 1990s, MECM is today an extremely sophisticated and powerful solution that is used by organizations all over the world. The special thing: With co-management, MECM combines your on-premise infrastructure with the possibilities of the Microsoft cloud.

The highlights are:

  • Sophisticated on-premise solution with high integration capacity
  • Go-to solution for managing Windows servers and other high-availability endpoints (e.g. point-of-sale devices)
  • Connection and integration into the Microsoft cloud universe
  • Included with Microsoft 365 E3 and E5 licenses

Who is Microsoft Endpoint Configuration Manager for?

MECM is the top dog for managing on-premise and highly available Windows devices: whether servers or point of sale and production systems. MECM is also the first choice for organizations that do not want to move endpoint management to the cloud and, in extreme cases, operate air-gapped networks.

We usually implement co-management with MECM and Intune to combine the power of MECM with the power of the Microsoft cloud.

For detailed advice
‍benefits

Built for Windows Endpoints

MECM is a very sophisticated product with many features that is extremely good at what it should do: manage endpoints with a Windows operating system. The granularity of the configurations is significantly higher in many places than with Intune.

Sophisticated and configurable

Patching, inventory, managing applications, software metering, OS deployment and upgrades, extremely robust reporting, and more. MECM can deliver exactly what you want on devices at just the right time and under specific conditions. This means that MECM is almost unlimited and precisely configurable.

Integrates

Due to the widespread use and popularity of Configuration Manager, there is, on the one hand, a high level of integration with almost all Microsoft products, as well as connection options for other products such as ServiceNow or Spider via REST API, PowerShell or even database.

Windows Servers & On-Premise Endpoints

The management of servers and end user devices is very different, which is why Microsoft omitted servers when designing Intune and this is only possible with MECM. Plus, managing endpoints without an Internet connection is impossible with Intune.

Endpoint management with a focus on availability

Configuration Manager turns the complex management of highly available devices, such as point of sale solutions, into a straightforward process and reduces patching costs.

The most popular UEM tool

As a result of the long and widespread use, a huge community has formed around the Configuration Manager. As a result, there are various add-ons, tools and forums that aim to automate and solve every problem.

Get non-binding advice now

Let's talk MECM. Let's discuss your challenges and goals to understand how we can best help. With clear recommendations, implementation strength and tried and tested procedures.

Arrange an initial consultation

Has Intune replaced MECM?

No: Intune is the more modern product, but especially in more complex environments, the full power of Microsoft endpoint management often comes together. Intune opens up the world of modern unified endpoint management and the convergence of endpoint management and endpoint security, but has a strong focus on Internet-connected end-user devices and simplifying administration. Anyone who wants to continue to control the deployment of end devices in a very granular way, as well as manage servers, on-premise and high-availability endpoints, needs MECM - and there are no known plans to change this. In addition, MECM's extensive reporting is often used to support regulatory requirements. We recommend co-management with MECM and Intune in almost all cases.

Learn more about Microsoft Intune
Services

Your trusted partner to simplify MECM

The Microsoft Endpoint Configuration Manager is a powerful tool, but it also requires complexity and maintenance and must be well tailored to your individual organization. MECM is our everyday tool. Let us take away the complexity of MECM for you.

MECM Harbour Tour & Licensing
Design & migration to MECM
MECM Managed Services
MECM Support & Advice
MECM training
MECM software packaging
Our most popular service: Managed UEM solution

Managed Services for
MECM and Intune

Managed MECM
Managed Intune

MECM as a Service, not as a Struggle

MECM experts are rare, expensive and not redundant. Many companies therefore have problems correctly configuring, keeping up to date, and monitoring MECM. They are not using their full potential, or even worse, are frequently troubleshooting.

What we offer for IT teams like yours

  • Basic MECM configuration according to best practices

  • Backup, update, and proactive monitoring

  • On demand support, troubleshooting, and expert development

  • Proactive recommendations on optimization potential and new features, adapted to your environment

  • Monthly service review

  • Expandable with Endpoint Management aaS modules for maximum security and productivity

    • Let us know what we do best

  • Stability instead of headaches and wasted time with MECM

  • A go-to partner with knowledge from numerous supervised MECMs

  • Redundant and flexibly scalable

  • Significant cost savings vs. internal set-up of equivalent know-how, capacity and redundancy

  • Capacity for you to further develop the overall direction of your IT

    • Book a meeting
    Runde Struktur aus orangefarbenen Würfeln mit einem einzelnen orangefarbenen Kugelzentrum vor hellem Hintergrund.
    Softtailor und Ionos Logos mit einem X verbunden

    Optional: MECM in the German cloud

    Together with our partner IONOS, we offer you a fully managed MECM.

    Highly available

    With true data sovereignty

    Co-management with MECM & Intune without on-premise infrastructure

    About IONOS

    Intune as a Service, not as a Struggle

    Microsoft Intune is rapidly evolving. Your endpoint strategy and the management of this ecosystem are endless. The resulting workload can be overwhelming for IT teams, meaning they can no longer focus on the overall direction of corporate IT.

    What we offer for IT teams like yours

  • Intune basic configuration based on best practices

  • Proactive monitoring of availability and functionality

  • On demand support, troubleshooting, and expert development

  • Proactive recommendations on optimization potential and new features, adapted to your environment

  • Monthly service review and proactive recommendations

  • Expandable with Endpoint Management aaS modules for maximum security and productivity

    • Let us know what we do best

  • Stability instead of headaches and wasted time with Intune

  • Always up to date on Intune's latest features and capabilities

  • A go-to partner with the knowledge of numerous supervised Intune Tenants

  • Redundant and flexibly scalable

  • Significantly lower costs vs. internal setup of the same know-how, capacity and redundancy

  • Capacity for you to further develop the overall direction of your IT

    • Book a meeting
    Runde Struktur aus orangefarbenen Würfeln mit einem einzelnen orangefarbenen Kugelzentrum vor hellem Hintergrund.
    In action

    This is what MECM looks like in action

    Easy Bare Metal OS installation over the network

    With the initial OS installation via the network, no operating system has to be installed on the computer beforehand, but the operating system is installed completely according to your own specifications, without unnecessary software.

    Task Sequence Editor Fenster für Windows 11 23H2 Pro DE zeigt Schritte zur Installation und Einrichtung des Betriebssystems mit Auswahl von Image-Paket und Zieldatenträger.
    Features

  • Zero Touch Provisioning

  • Installing via PXE

  • Definition of the installation or task sequence

    • Benefits

  • Device deployment time is reduced

  • Individually defined and consistent status after installation regardless of the pre-installed OS

  • Reducing help desk expenses through standardization

    • In-depth inventory

    A comprehensive solution for collecting and providing inventory data.

    Microsoft Configuration Manager Resource Explorer zeigt Hardwarekategorien und Details wie PC BIOS mit Hyper-V UEFI Release v4.1 von Microsoft Corporation.
    Bildschirmansicht von Microsoft Configuration Manager zeigt eine Liste inventarisierter Software mit Produktnamen, Herausgebern und Versionen.
    Software Metering Ansicht in Microsoft Configuration Manager mit einer Liste von 100 Softwareartikeln inklusive Namen, Originaldateinamen, Dateiversionen, Sprachen und Status.
    Features

  • In-depth information about software and hardware inventory

  • Simple expansion and adjustment of information is possible

  • Collection of information about actually used software

    • Benefits

  • Deep insight into the hardware and software used

  • Save license costs due to unused software

  • No manual effort for additional information that needs to be collected

    • Ensuring the high availability of end devices

    With Microsoft Configuration Manager, it is possible to clearly define when an installation or restart is allowed. Even dependencies on other systems can be included.

    Zeitplaneinstellungen für STT-PATCH-SERVER-MainW1 mit Startzeit 20:00 Uhr, Endzeit 22:30 Uhr, Dauer 2 Stunden 30 Minuten, Wiederholung wöchentlich am Samstag, Anwendung auf Softwareupdates.
    Fenster des Wizards 'Create Orchestration Group' mit der Registerkarte 'Rules Selection', Optionen zur Aktualisierungssteuerung und einer Tabelle mit Ressourcen-IDs und -Namen.
    Fenster des Wizards 'Create Orchestration Group' mit dem Tab 'Script Picker' ausgewählt, zeigt Optionen zum Hinzufügen von Skripten vor und nach der Installation mit Timeout-Einstellungen von 120 Sekunden.
    Features

  • Precise definition of maintenance time windows when installation of updates and/or applications is allowed

  • Define orchestration groups to allow installations, and restarts depending on the availability of other systems

  • Deadlines for installing updates and applications at the defined time

    • Benefits

  • Systems are only updated at a defined time

  • High availability of systems

  • No annoying updates during critical business hours

    • Integration with Mondern Endpoint Management

    MECM is the bridge to Microsoft Intune and many other Microsoft cloud features and combines endpoint management of on-premise devices with modern endpoint management.

    Einstellungenfenster mit Registerkarten auf der linken Seite, 'Computer Restart' ist ausgewählt; rechts sind benutzerdefinierte Geräteeinstellungen mit Optionen zum Zugriff auf Cloud-Verteilungspunkt, automatische Registrierung von Windows 10 Geräten mit Azure Active Directory und Aktivierung eines Cloud-Management-Gateways.
    Microsoft Configuration Manager interface showing Azure Services with Cloud Attach selected under Cloud Services in the Administration panel.
    Softwarebibliothek-Menü mit Ordnern für Übersicht, Anwendungsverwaltung, Softwareupdates, Betriebssysteme, Windows-Servicing, Desktop-Analytics-Servicing, Microsoft Edge-Verwaltung, Office 365-Client-Verwaltung, Windows 11 Upgrade-Vorbereitung und Skripten.
    Microsoft Configuration Manager dashboard showing Windows 11 Upgrade Readiness with charts for device information, feature update versions, upgrade experience indicators, and minimum hardware requirements.
    Features

  • Cloud Management Gateway

  • Azure AD group synchronization

  • Co-management (integration with Intune)

  • Cloud analysis of devices

    • Benefits

  • Using Intune features for OnPremise devices

  • Managing endpoints over the Internet through a Microsoft-hosted infrastructure

  • Easy transfer and assignment to Entra ID

  • Windows 11 Readyness Assessment

    • Microsoft Configuration Manager Remote Control

    Resolve issues quickly, easily, and securely with Configuration Manager Remote Control.

    Screenshot of Microsoft Configuration Manager showing device search results with a right-click context menu open on device 'SAUTOMATION', displaying options like Add Selected Items, Install Client, Run Script, and Start with sub-options such as Resource Explorer and Remote Control.
    Fenster der Standard-Einstellungen für Remote-Tools in Microsoft Configuration Manager mit Konfigurationsoptionen für Fernsteuerung, Remotesitzungen und Remotehilfe.
    Features

  • Remote connection authenticated via AD

  • Lock screen access

  • Easy configuration whether user consent is required or not

  • Sending Ctrl+Alt+Del, sharing the clipboard, locking the mouse and keyboard

    • Benefits

  • Increased end-user productivity and satisfaction

  • Access when the device is only turned on to solve tickets in absentia

  • Preventing disruptions when resolving problems

    • comparison

    MECM vs. Intune: Co-management is the way to go

    Cloud-only with Microsoft Intune

    No management of servers

    No management of on-premise endpoints

    Poor management of highly available endpoints

    More automation but less precise configuration options

    Superficial reporting

    Co-manage with MECM and Intune

  • Accurate management of highly available endpoints

  • Management of on-premise endpoints up to entire air-gapped networks

  • Microsoft server management

  • Best of both worlds: Benefits of MECM for end user devices and benefits of Intune for on-premise devices

  • Large community and adaptability to individual requirements

  • Comprehensive, detailed reporting

    • Free endpoint security check

    Rotes Schild mit einem Vorhängeschloss-Symbol in der Mitte, das Sicherheit und Schutz darstellt.

    Companies with best-practice endpoint management are demonstrably better protected. With the free Endpoint Security Check, you can find out how well your devices are protected.

    Schedule an Endpoint Security Check now
    90%

    All successful ransomware attacks originate from poorly and unmanaged devices

    11x

    Higher probability of cyber attacks on > 20% unmanaged or poorly managed devices

    Learn details
    Case studies

    How companies benefit from our partnership

    View all cases
    01
    MECM+system hardening @ textile manuf.

    Managed MECM and system hardening for manufacturers of innovative textiles

    Manufacturing industry
    |
    >2,500
    staffs

    Challenge:

    • Small IT team needs specialized support to operate MECM
    • The team had recognized the importance of standard system hardening, but could not guarantee it themselves

    The solution:

    • Managed service for MECM with managed UEM and trouble shooting for international locations
    • Adapting the CIS standard to an individual environment
    • Regular system hardening as a service in accordance with CIS standards
    01
    Intune+system hardening @ game developer

    Intune Deployment and Managed Service Plus System Hardening for Game Developers

    Game development
    |
    >100
    staffs

    Challenge:

    • Customer was dissatisfied with the speed and expertise of the old service provider
    • Intune should be introduced and cyber security significantly improved

    The solution:

    • From the 1st Intune workshop to implementation and long-term support
    • Establishment and regular updates of security baselines,
    • Microsoft Defender for Endpoint Implementation and Managed Service
    • SOFTTAILOR as a new go-to partner
    01
    Patch Management @ Law Firm

    Patch Management as a Service for law firm

    Professional Services
    |
    >500
    staffs

    Challenge:

    • Customer wants to migrate to Intune
    • High importance of cybersecurity in a very sensitive environment
    • More than 200 applications must always be patched

    The solution:

    • Managed service for partially automated continuous updating of applications
    • Close integration into the vulnerability management process
    • Migrate software packages to Microsoft Intune
    01
    Software packaging @ Energy provider

    Application packaging aaS for energy suppliers

    energy supply
    |
    >1,500
    staffs

    Challenge:

    • Restructuring should separate the IT department and infrastructure from the existing
    • New IT department is being streamlined
    • The company is therefore unable to manage 350 applications itself

    The solution:

    • Application packaging aaSin close coordination with the internal IT department
    • Provision of a customer portal to view status
    • Considering high safety requirements
    Let's talk Endpoint Management

    The fastest path to secure and productive endpoints

    Secure and productive endpoints in three steps.
    Learn what you need to do and how to get to more structure and secure and productive endpoints in the shortest possible way.
    1
    Free initial consultation

    We'll get to know each other and find out what's currently on your mind when it comes to MECM. You will get initial ideas on how we can help you.

    2
    Proposed solution & offer

    After the initial discussion, we will present you with a specific proposed solution and the offer for implementation.

    3
    transposition

    Equipped with automation and best practices, our team implements the proposed solution in record speed.

    Die zwei Geschäftsführer von Softtailor schauen freundlich und kompetent in die Kamera.

    Let's get started!

    +49 6151 6291 690
    contact form
    initial consultation

    The most important things about MECM

    What is Microsoft Endpoint Configuration Manager (MECM/SCCM)?

    Microsoft Endpoint Configuration Manager (MECM) is the essential solution for companies seeking precise and comprehensive management of their devices — whether on-premise, in hybrid environments, or through integration with the Microsoft cloud. With decades of development, MECM is a proven, flexible and powerful platform that meets modern endpoint management requirements.

    Why SOFTTAILOR is your partner for MECM

    “MECM expertise is required, but often difficult to find. Many companies are faced with the challenge of correctly configuring MECM, keeping it up to date and monitoring it efficiently. The full potential is often not exhausted, while valuable resources flow into troubleshooting. ”

    — Thore Lenz, CEO of SOFTTAILOR

    MECM can be complex to implement and maintain. This is exactly where SOFTTAILOR comes in: As an experienced partner, we help you make optimal use of MECM — from basic configuration to continuous monitoring to long-term optimization. Our goal is to take away the complexity of MECM and at the same time increase the efficiency and security of your IT environment. Our services include:

    1. Individual solutions: We tailor MECM exactly to the requirements of your organization — whether for small teams or global companies.
    2. Proactive maintenance: Thanks to regular updates and optimizations, your system always remains stable and powerful.
    3. Cost efficiency: Save time and resources by relying on SOFTTAILOR's know-how instead of setting up your own structures.

    Get started now: Companies that rely on MECM benefit from a sophisticated solution for managing their devices, better security and a more efficient IT infrastructure. Together with SOFTTAILOR, you can utilize the full potential of MECM — without additional effort for your team. Our experienced team is ready to analyse your challenges and develop tailor-made solutions for your company. Here Can you make an appointment.

    Co-management with MECM/SCCM and Intune

    The combination of MECM and Intune provides you with the optimal solution for endpoint management. This hybrid approach allows you to continue managing on-premises systems with precision while benefiting from the advantages of modern cloud solutions. SOFTTAILOR helps you combine the best of both worlds.

    Vorteil Intune SCCM/MECM Co-Management
    On-Premise-Management ggf. ohne Internetverbindung
    Verwaltung von Servern
    Verwaltung Hochverfügbarer Endgeräte
    Detailliertes Reporting
    Granulare Einstellungsmöglichkeiten
    Detaillierte Inventarisierung (✅)
    Cloud-basierte Verwaltung
    Fokus auf mit dem Internet verbundene End User Devices
    Zero-Touch-Provisioning
    Konvergenz von Endpoint Management und Security
    Nutzung moderner Cloud-Features und Integration in M365
    Skalierbarkeit ohne eigene Infrastruktur
    Intelligente Features durch KI

    MECM plans and licenses

    Available Microsoft plans for MECM/SCCM

    Microsoft Endpoint Configuration Manager (MECM), also known as System Center Configuration Manager (SCCM), is included in a variety of Microsoft subscription plans designed specifically for businesses. Plans that include MECM/SCCM as standard include:

    • Microsoft 365 E3
    • Microsoft 365 E5
    • Microsoft 365 F3 (formerly Microsoft 365 F1)
    • Enterprise Mobility+ Security (EMS) E3
    • Enterprise Mobility + Security (EMS) E5
    • Intune User Subscription License (USL)

    Microsoft 365 Business Premium limitations

    It is important to note that Microsoft 365 Business Premium not offers the same MECM/SCCM licensing benefits as Enterprise (E) or Frontline Worker (F) subscriptions. Although Business Premium includes Intune Plan 1, however, MECM/SCCM licenses are not included in this plan. If your organization needs these features, alternative Microsoft plans or separate licensing are required.

    Individual MECM/SCCM licenses

    If your company does not want to use one of the above subscriptions, it is possible to purchase MECM/SCCM as a standalone license independently of the Microsoft packages. This flexibility enables companies to individually adapt their IT solutions. We would be happy to provide you with detailed advice on this topic. Arrange a initial consultation.

    Attention: Special notes about server management

    Managing servers is a central point when using MECM/SCCM. SCCM licenses for managing servers are never included in the above subscriptions and must always be purchased separately. These licenses are essential for companies that want to professionally and efficiently manage server environments.

    blog

    Expert Insights To Go: Our Newest Blog Posts

    4.3.2026
    Endpoint Strategy

    On-premises vs. cloud — which IT strategy is right for your company?

    A hybrid cloud strategy combines on-premises and cloud resources in such a way that workloads run where it makes the most sense functionally, technically, and organizationally. In practice, this often means that sensitive or heavily regulated systems remain on-premises, while scalable services, modern collaboration, or new applications are operated in the cloud.

    Read more
    14.2.2026
    System hardening

    NIS2 compliance through client hardening: requirements, implementation, evidence

    The regulatory basis for NIS2 implementation consists of several documents that are not easy to understand at first glance. They range from the EU directive to the binding EU implementing regulation to the German implementation law.

    Read more
    12.2.2026
    Patch Management

    When is Patch Management NIS2 compliant?

    NIS2 requires companies to install security patches within a reasonable period of time — and verifiably. This means that it is no longer enough to install patches at some point. They must be prioritized, tested, documented and rolled out in a traceable manner.

    Read more

    Always a step ahead!

    We send IT decision makers and endpoint administrators hand-curated news, technical insights and practical tips about endpoint management & security that are not available anywhere else.

    MECM/SCCM Frequently Asked Questions

    What integration options does SCCM offer with other Microsoft services?
    What is PowerShell's role in SCCM administration?
    What are MECM's key features?
    How does Softtailor support the implementation of SCCM/MECM?
    How do I set up SCCM for my company?
    What are the costs associated with using SCCM?
    How are updates managed in SCCM?
    How does SCCM contribute to cybersecurity?
    What is Endpoint Manager in MECM?
    How does software distribution work in SCCM?
    What are SCCM's system requirements?
    What are the benefits of SCCM for companies?
    What is co-management with SCCM and Intune?
    What is MECM and how is it different from SCCM?
    What is SCCM?