Identify and Patch Software Security Vulnerabilities Quickly with Lumension. Centralized vulnerability assessment, patch management and automated patch deployment.Despite the emergence of high- profile hacks and a narrowing window for vulnerabilities to be exploited, not all computers have the latest security patches, allowing cybercriminals to create havoc on systems that are not kept up- to- date. The Conficker saga highlighted this tardiness last year after a flood of computers were infected by the worm over several months, even after a patch was made available by Microsoft in October 2. In April 2. 00. 9, Sophos' senior technology consultant Graham Cluley blogged that 1. Patch management is not the only aspect of enterprise security, but security vendors point to it as an important piece of the corporate IT protection puzzle. Vulnerability assessment. Ronnie Ng, Symantec's senior manager of systems engineering for Singapore, said in an e- mail that organizations need to constantly identify vulnerabilities and assess risks, in obtain to obtain . Patch acquisition and testing. Enterprises, he said, ought to monitor closely the availability of patches or updates. This can be achieved by deploying patches in a test setup that closely mirrors the production environment. On top of that, the network should also be validated to ensure it can sustain the updates, said Ng, adding that patches should be deployed in a controlled and predictable fashion. Smart patch deployment. He noted that communication is an important aspect during the deployment phase. When implementing patches, businesses need to keep users informed of patch rollout schedules, he explained. Mark Goudie, Asia- Pacific managing principal for investigative response at Verizon Business, pointed out that enterprises should minimize the patch packages, and keep things simple in their environment.? An attacker will happily use a package that you do not use but have installed on your system, to break into your enterprise. This includes logging actions and changes made during the patching process. Patch consistency. After the deployment, organizations need to verify that patches have been properly and successfully applied to all systems that require the update. How to Compare Patch Management Software. Each enterprise needs to determine the level of testing required for different situations, Maiwald says. How to Compare Patch Management Software. Server-based software scans the machines in the enterprise and initiates all actions on those machines. ManageEngine Desktop Central helps you to automate patch management for Windows, Mac and other 3rd party applications. Find and compare Patch Management software. Free, interactive tool to quickly narrow your choices and contact multiple vendors. External validation. According to Goudie, enterprises should also seek a third- party view of their patch management environment. In addition, attacks are also becoming more malicious and sophisticated. In view of this, software vendors and developers should not just focus on a fixed patch schedule but instead employ a combination of a fixed cycle, and a . Last month, Adobe Systems' Brad Arkin said in a blog post that the company decided not to produce an out- of- cycle fix for a vulnerability in its Acrobat and Reader, as it would take about two to three weeks to code and . However, Microsoft last July deviated from its monthly Patch Tuesday to release an emergency patch for a critical vulnerability in Internet Explorer and a less severe one in Visual Studio. Verizon's Goudie said the regular patching cycle has its merits to organizations- -offering them . Altiris Patch Management Solution - Patch Management In The Enterprise, Part IIAs we extend beyond the patch management tools that we use on a regular basis, a colleague suggested a look at Altiris' Patch Management Solution. Altiris is a company that offers an entire range of products that can interact with one another, and are designed with the IT Infrastructure Library (ITIL) in mind. Defining and discussing ITIL is beyond the scope of this article, but those who are interested can refer to several websites for additional information. Patch Management Solution - not exactly the most imaginative name ever conceived - is an agent- based tool that requires that client software be installed on every managed workstation or server. Fortunately, the agent doesn't have extreme system requirements, needing just 5 MB of disk space and 6. MB of RAM, and should seamlessly interact with the notification server. While providing vulnerability analysis and patching PCs is its primary function, Patch Management Solution isn't a one trick pony. It also provides hardware and software inventory information, and the ability to deploy standard software. This appears to be a common trait among patch management tools: The more value they provide, the more attractive they are to potential customers. Altiris also opted for a web- based administrative console. Deploying a patch with Altiris' Patch Management Solution is easy to accomplish. Using the web- based administrative console, a few clicks allow you to read up on a specific vulnerability, download it from the vendor's website, and queue it up for deployment. One feature that Altiris pushes is integration with . Given the timelines discussed in Part 1 of this series, many organizations have cut back on the exhaustive testing of individual patches. They opt rather to deploy the patch immediately with little testing to ensure that their infrastructure is secured promptly. If the patch causes problems, it can be rolled back later. Is Patch Management Solution capable of patching remote clients? Yes, Altiris has kept the mobile workforce in mind, and remote clients will be able to receive patch deployments without flooding their slower network connections. In the event that there is a break in connectivity prior to patches being fully delivered to a remote system, it is capable of resuming the transfer the next time that particular machine connects to the network. Real- time reporting is a must for most large organizations, and Altiris provides it. Any quality patch management tool must provide real- time reports. Altiris has included such reporting in its Patch Management Solution. Out of the box, you will be able to summarize what patches are currently available, view all identified vulnerabilities, and get real- time status updates on any patches you've deployed with the tool. In particular, there are several vulnerability analysis reports, which provide excellent information about the status of your environment. If your organization follows the principles defined by ITIL and IT Service Management, you might want to look at the suite of tools provided by Altiris.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2016
Categories |