Your SlideShare is downloading. ×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Beyond Windows Patching: Dealing with the New Imperative to Patch Adobe, Apple, Linux and More

1,001
views

Published on

In today’s complex IT environment, you must be able to rapidly patch not only servers and operating systems, but also PC’s and third party applications. Join Randy Franklin Smith from Ultimate Windows …

In today’s complex IT environment, you must be able to rapidly patch not only servers and operating systems, but also PC’s and third party applications. Join Randy Franklin Smith from Ultimate Windows Security in this live webcast as he discusses going “beyond Windows patching” to other operating systems like Linux, UNIX and Apple, as well as the applications that run on them.

Download the presentation to:
*Learn the security gaps that exist by relying upon multiple, platform-specific patch management utilities.
*See a product demonstration that shows how you can centralize and streamline patch management across your entire organization.

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,001
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
29
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Beyond Windows Patching: Dealing with the New Imperative to Patch Adobe, Apple, Linux and More
    • Commissioned by:
    © 2010 Monterey Technology Group Inc.
  • 2. © 2010 Monterey Technology Group Inc.
    Brought to you by
    Speakers
    Russ Ernst, Senior Product Manager
    Andrea Bolz, Solution Marketing Manager
  • 3. Preview of Key Points
    © 2010 Monterey Technology Group Inc.
    Patching today’s enterprise against today’s threats
    Layer by layer
    Stats
    Tools
    Issues
  • 4. Product Patching
    © 2010 Monterey Technology Group Inc.
    WSUS
    • Over 100 patches a year
    • 5. Most released on monthly patch schedule
    • 6. Not all MS products covered by WSUS
    Microsoft Apps
    (Office, etc.)
    Windows
  • 7. Product Patching
    © 2010 Monterey Technology Group Inc.
    HP Insight Control, et al
    WSUS
    • Vulnerabilities are discovered and patches issued
    • 8. Very difficult to find on some hardware vendor sites
    • 9. Ability to automate patches varies
    • 10. Insight Control is $
    Microsoft Apps
    (Office, etc.)
    System Agents
    (Dell, HP, etc.)
    Windows
  • 11. Product Patching
    © 2010 Monterey Technology Group Inc.
    ?
    HP Insight Control, et al
    WSUS
    • About one patch per week in Adobe Reader alone
    • 12. Automatic Updates is for the home user
    • 13. How to uninstall older versions?
    • 14. Risk of installing extra software
    Microsoft Apps
    (Office, etc.)
    System Agents
    (Dell, HP, etc.)
    Adobe Apps
    (Acrobat, Flash)
    Windows
  • 15. Product Patching
    © 2010 Monterey Technology Group Inc.
    ?
    ?
    HP Insight Control, et al
    WSUS
    • Java patching is a nightmare
    • 16. Multiple versions required
    • 17. No enterprise tools
    • 18. Risk of installing extra software
    • 19. iTunes
    • 20. No enterprise tools
    Microsoft Apps
    (Office, etc.)
    System Agents
    (Dell, HP, etc.)
    Adobe Apps
    (Acrobat, Flash)
    Other Popular Apps
    (Sun Java, QuickTime, iTunes, Browsers)
    Windows
  • 21. Product Patching
    © 2010 Monterey Technology Group Inc.
    ?
    ?
    ?
    HP Insight Control, et al
    WSUS
    • Just because it is uncommon doesn’t mean you will never need to security patch
    • 22. Just exacerbates the whole heterogeneous patch management challenge
    Microsoft Apps
    (Office, etc.)
    System Agents
    (Dell, HP, etc.)
    Adobe Apps
    (Acrobat, Flash)
    Other Popular Apps
    (Sun Java, QuickTime, iTunes, Browsers)
    Uncommon Apps
    Windows
    Virtualization Hosts
    (VMWare, HyperVisor, Xen)
  • 23. Product Patching
    © 2010 Monterey Technology Group Inc.
    ?
    ?
    ?
    HP Insight Control, et al
    WSUS
    • 15 VMWare Security Advisories in 2010
    • 24. vCenter only updates ESX(i) hosts and vCenter
    • 25. Offline guest images
    • 26. Costs $
    Microsoft Apps
    (Office, etc.)
    System Agents
    (Dell, HP, etc.)
    Adobe Apps
    (Acrobat, Flash)
    Other Popular Apps
    (Sun Java, QuickTime, iTunes, Browsers)
    Uncommon Apps
    Windows
    Virtualization Hosts
    (VMWare, HyperVisor, Xen)
    Virtualization Managers
    (vCenter)
    vCenter Update Manager
  • 27. Product Patching
    © 2010 Monterey Technology Group Inc.
    ?
    ?
    RHN, et al
    ?
    HP Insight Control, et al
    WSUS
    • 90 Security advisories so far in 2010 for v5 Enterprise Server
    • 28. RHN costs $
    • 29. Companies moving to “freer” distributions of Linux but you lose the management tools of RHN
    Microsoft Apps
    (Office, etc.)
    System Agents
    (Dell, HP, etc.)
    Adobe Apps
    (Acrobat, Flash)
    Other Popular Apps
    (Sun Java, QuickTime, iTunes, Browsers)
    Uncommon Apps
    Windows
    Linux
    Virtualization Hosts
    (VMWare, HyperVisor, Xen)
    Virtualization Managers
    (vCenter)
    vCenter Update Manager
  • 30. Product Patching
    © 2010 Monterey Technology Group Inc.
    ?
    ?
    Sun Patch Manager, et al
    RHN, et al
    ?
    HP Insight Control, et al
    WSUS
    Microsoft Apps
    (Office, etc.)
    System Agents
    (Dell, HP, etc.)
    Adobe Apps
    (Acrobat, Flash)
    Other Popular Apps
    (Sun Java, QuickTime, iTunes, Browsers)
    Uncommon Apps
    Unix
    Windows
    Linux
    Virtualization Hosts
    (VMWare, HyperVisor, Xen)
    Virtualization Managers
    (vCenter)
    vCenter Update Manager
  • 31. Product Patching
    © 2010 Monterey Technology Group Inc.
    ?
    ?
    Sun Patch Manager, et al
    RHN, et al
    ?
    HP Insight Control, et al
    WSUS
    ?
    Microsoft Apps
    (Office, etc)
    System Agents
    (Dell, HP, etc)
    Adobe Apps
    (Acrobat, Flash)
    Other Popular Apps
    (Sun Java, QuickTime, iTunes, Browsers)
    Uncommon Apps
    Unix
    Mac
    Windows
    Linux
    Virtualization Hosts
    (VMWare, HyperVisor, Xen)
    • 20 Security advisories so far in 2010 affecting Mac OS
    • 32. No centrally controllable patch manager
    Virtualization Managers
    (vCenter)
    vCenter Update Manager
  • 33. Product Patching
    © 2010 Monterey Technology Group Inc.
    ?
    ?
    Sun Patch Manager, et al
    RHN, et al
    ?
    HP Insight Control, et al
    WSUS
    ?
    ?
    Microsoft Apps
    (Office, etc.)
    System Agents
    (Dell, HP, etc.)
    Adobe Apps
    (Acrobat, Flash)
    Other Popular Apps
    (Sun Java, QuickTime, iTunes, Browsers)
    Uncommon Apps
    Apps and Agents
    Unix
    Mac
    Windows
    Linux
    Virtualization Hosts
    (VMWare, HyperVisor, Xen)
    Virtualization Managers
    (vCenter)
    vCenter Update Manager
  • 34. Product Patching
    © 2010 Monterey Technology Group Inc.
    ?
    ?
    Sun Patch Manager, et al
    RHN, et al
    ?
    HP Insight Control, et al
    WSUS
    ?
    ?
    Microsoft Apps
    (Office, etc.)
    System Agents
    (Dell, HP, etc.)
    Adobe Apps
    (Acrobat, Flash)
    Other Popular Apps
    (Sun Java, QuickTime, iTunes, Browsers)
    Uncommon Apps
    Apps and Agents
    Unix
    Mac
    Windows
    Linux
    Virtualization Hosts
    (VMWare, HyperVisor, Xen)
    ?
    Virtualization Managers
    (vCenter)
    vCenter Update Manager
    Network Devices
    Routers, VPNs, Switches, Access Points, Firewalls
  • 35. How to handle enterprise patching
    © 2010 Monterey Technology Group Inc.
    Central security response team
    ID all hardware, software, devices
    ID team within IT responsible for each product
    Subscribe to each vendor’s security update service
    Subscribe to CVE lists
    Each advisory
    Does it affect any products we have?
    Contact appropriate team
    Track decision and follow through
    Document
    Regular vulnerability scanning
  • 36. Security Alerts
    © 2010 Monterey Technology Group Inc.
  • 37. Bottom Line
    © 2010 Monterey Technology Group Inc.
    Patch management
    Needs to be comprehensive and consistent across the enterprise
    Technology needed for efficiency and effectiveness
    Cooperation, coordination and workflow needed between security and operational teams
    Not just an OS issue anymore
    Not just a server issue anymore
    Not just a Microsoft issue anymore
  • 38. © 2010 Monterey Technology Group Inc.
    Brought to you by
    Speakers
    Russ Ernst, Senior Product Manager
    Andrea Bolz, Solution Marketing Manager
  • 39. Want to Learn More?
    Lumension
    info@lumension.com
    www.lumension.com
    http://blog.lumension.com
    Resource Center
    http://www.lumension.com/Resources/Resource-Center/Reduce-Your-Threat-Exposure.aspx
    © 2010 Monterey Technology Group Inc.