Novell ZENworks Patch Management Best Practices


Published on

Since the first virus arrived on the IT scene, patching software has been a costly and time-consuming IT focus. In fact, “Patch Tuesdays” have come to symbolize the drain software patches place on organizations of every description. Attend this session to find out how Novell ZENworks Patch Management—working hand-in-hand with Novell ZENworks Configuration Management—can make Patch Tuesdays a thing of the past. You'll learn about the benefits of integrated patch and configuration management. You'll also receive tips, tricks and inside information to successfully deploy and troubleshoot Novell ZENworks 10 Patch Management and realize its true potential.

1 Comment
  • I Got The Full File, I Just Wanna Share to You Guyszz.. It's Working You Can The Download The Full File + Instructions Here :
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Novell ZENworks Patch Management Best Practices

  1. 1. Novell ZENworks Patch ® ® Management Best Practices Allen McCurdy Scott Guscar Technology Specialist Technology Sales Specialist Novell, Inc/ Novell, Inc/
  2. 2. Agenda Configuring Patch Management Services Patch Deployment Patch Baseline Reporting Demo 2 © Novell, Inc. All rights reserved.
  3. 3. Configure Patch Management Services
  4. 4. Important Initial Configuration Issues: • Patch Management OFF by default – Select your ZENworks Configuration Manager server ® – Start the service! • Ensure the server has – 4GB RAM w/ 40GB Free Disk – 2Ghz Dual Core Processor, or better… • Choose your Replication Time – Midnight by default • Select Language(s) for Patch Subscription – US English by default 4 © Novell, Inc. All rights reserved.
  5. 5. Steps Needed to get Patch Services Operational 1.Activate Product 2.Configure Subscription Download 3.Configure Http Proxy 4.Configure Mandatory Baseline Settings 5.Configure Subscription Service Information 5 © Novell, Inc. All rights reserved.
  6. 6. Activate Product 6 © Novell, Inc. All rights reserved.
  7. 7. Patch Serial Number • NO SERIAL NUMBER REQUIRED – For first 60 days of Novell ZENworks Configuration ® ® Management evaluation !!! • When required …enter a valid Novell s/n ® – Only enforces expiration – Requires SSL outbound (443) – Node count displayed for information only! • Does it work with ZENworks Patch Management serial ® number? - Yes Tip: When you buy ZENworks Configuration Management, the trial period ends! 7 © Novell, Inc. All rights reserved.
  8. 8. Configure Subscription Download Other languages supported: Italian, Simplified Chinese, Finnish, Russian, German,Hong Kong Chinese and Czech 8 © Novell, Inc. All rights reserved.
  9. 9. Configure Http Proxy **If your proxy cache's content, patch services may not work properly 9 © Novell, Inc. All rights reserved.
  10. 10. Configure Mandatory Baseline Settings New in version 10.3 10 © Novell, Inc. All rights reserved.
  11. 11. Configure Subscription Service Information Tip: Please note that if the “Reset Patch Management Settings” button is selected all patch content will be lost. 11 © Novell, Inc. All rights reserved.
  12. 12. “ZENworks Patch Management” ® Sub-folder • Auto-created by Novell ZENworks Patch Management ® ® – Content is refreshed daily from • Three types of Bundle – Remediation Bundle (Single Bundle, no reboot) – Discover Applicable Updates (Single Bundle) – ZENworks Patch Management Assignment (Directive Bundle = collection of bundles) > Name includes date and time of assignment > Reboot handling options • Useful for Tech Support – What was assigned where and when… Tip: Dont' mess with ZENworks Patch Management System folder! 12 © Novell, Inc. All rights reserved.
  13. 13. Subscription Replication • Definitely NOT a spectator sport! – Files download to /zenworks/zpm/dist – Download takes 20 mins or more – Bundling can take 30 - 40 mins (high CPU) – DAU creation takes 5 mins – Assignment Updates 1+mins • Let it run overnight – Or prepare ahead of time! 13 © Novell, Inc. All rights reserved.
  14. 14. Replication Status 14 © Novell, Inc. All rights reserved.
  15. 15. Patch Deployment
  16. 16. Discovering Vulnerabilities • Single File Bundle • One DAU task per: – Platform – Architecture – Language – Service Pack Runs: ANALYZE.EXE 16 © Novell, Inc. All rights reserved.
  17. 17. Patch Status Patch is Cached Patch needs to be Cached (downloaded) Patch is in download process Patch is Disabled Patch is apart of a Baseline Patch could not be Cached (error) 17 © Novell, Inc. All rights reserved.
  18. 18. Deploying Patches 1.Select Patch / Patches to be deployed 2.Accept any license agreements 3.Specify when the patch is to be deployed (Run Now, Scheduled or Event) 4.Adjust or accept the deployment order (multiple patches) 5.Select reboot options 6.Deployment Summary (accept or adjust) 18 © Novell, Inc. All rights reserved.
  19. 19. ZENworks Patch Management ® Assignment Bundle • Directive Bundle = “Bundle of Bundles” • Ordered list of Remediation Bundles – Ordered as the administrator wanted to install them + Reboot Action – User prompt message – User can cancel + Re-Scan Action – Runs a DAU at the end of patch install Runs: REMEDIATE.EXE 19 © Novell, Inc. All rights reserved.
  20. 20. Mandatory Baselines
  21. 21. Mandatory Baselines Mandatory baseline is a user-defined compliance level for a group of devices. • Can be applied to Groups or Dynamic Groups • Every few hours, depending on the results of the DAU task, the ZENworks Server determines the devices that are applicable and ® out of compliance (based upon the patches added to the baseline). • Necessary bundles, as defined in the baseline, are then deployed as soon as possible for each device. • After patches have been deployed, it might be necessary to reboot those devices for them to be detected as patched. 21 © Novell, Inc. All rights reserved.
  22. 22. Creating or Modifying Baselines • From a group object, select the patches tab • Select patches needed for the baseline • Click on action / assign to baseline 22 © Novell, Inc. All rights reserved.
  23. 23. Reporting
  24. 24. Reporting • Requires ZENworks Reporting Services ® • Customizable • Canned Reports 24 © Novell, Inc. All rights reserved.
  25. 25. Reporting Universe • Novell ZENworks Patch Management tables integrated ® ® into Universe • Patch Management Service reports – Vulnerability Summary – Vulnerability Detail – Baseline Compliance 25 © Novell, Inc. All rights reserved.
  26. 26. Demo Time
  27. 27. Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.