• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Training
 

Training

on

  • 420 views

 

Statistics

Views

Total Views
420
Views on SlideShare
420
Embed Views
0

Actions

Likes
0
Downloads
3
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Training Training Presentation Transcript

    • Welcome To Patchlink Technology Overview Vahid Sedghi www.patchlink.com [email_address]
    •  
    •  
    •  
    • Copyright Copyright © © PatchLink PatchLink ® ® 2003 All Rights Reserved 2003 All Rights Reserved Enterprise Patch Management Process Test
      • Develop Test Plan
      • Configure
      • Install
      • Test and Validate
      • Verify Requirements
      Plan
      • Schedule
        • Resources
        • Personnel
      • Develop Scripts
      Pilot
      • Repeat: x times
        • Login
        • copy
        • Install
        • Reboot
        • Verify
        • Test
      Rollout
      • Repeat: y times
        • Login
        • copy
        • Install
        • Reboot
        • Verify
        • Test
      • Support
      Monitor
      • Enforce/Validate
      • Subscriptions:
        • Vendors
        • Newsgroups
      • Web Searches
        • Vendor
        • Assoc
        • CERT/NIST etc.
      • Prelim Assess
      Research
      • Investigate
      • Assess Impact
      • Dependencies
      • Identify Targets
      • H/W and S/W Requirements
    •  
    •  
    •  
    • Subscription Agent MSXML Agent Web Services CAPI PLHOST HTTP(s) User Web Application WININET w3svc mssqlserver PatchLink Update PLUS Web Site (Inet Info) SQL Server PLUS Processes XML Authentication SSL Encryption HTML Authentication Encryption XML Authentication Encryption
    • HTTP PLUS Architecture Sub Agent SQL Srvr Agent MSXML WININET ADODB CAPI WinSock 2 TCP/IP HTTPS Inet Info Service MSVBVM60 PES40 WININET GravitixISAPI MS SQL Server .JSE Jobs w3svc mssqlserver sqlserveragent PatchLink Update
    •  
    •  
    • Server Features (cont.)
      • Built-in security
        • Subscription replication is always encrypted
        • PLUS server to agent communications can be encrypted
        • All packages are checked for digital signatures and CRC checked prior to installation
      • Support for multi-vendors patches
        • Many operating systems are supported
        • Many software vendors are supported
        • Addition support can be achieved through custom packages and the developers kit
    • Server Features (cont.)
      • Mandatory patch policy with automatic deployment
        • Mandatory patch baseline per group
        • Requires thoughtful design to prevent unexpected behavior
      • Patch Compliance Assurance Mechanism (PCAM TM )
        • Lock down inventory and receive alerts when changes occur to hardware, software, or services
    • Server Features (Cont.)
      • Content replication
        • PLUS server automatically downloads new content daily over SSL link
      • Software distribution
        • Create custom software distribution packages
      • Content import/export
        • For use in networks without Internet access
        • For use in secure networks
        • For replication of custom patches
    • Server Features (Cont.)
      • Building custom patches
        • Wizard based package creation utility
        • Can also be used to distribute .reg and .pol files
      • Recurring distribution task
        • Use with anti virus definitions
        • Database or file distribution
      • Network Vulnerabilities Assessment
        • Daily scans each computer to check for software based vulnerabilities
    • Server Features (Cont.)
      • Fully automatic disaster recovery
        • Agents automatically re-register with the PLUS server.
      • Multiple operating system support
        • Deploy patches to UNIX, Linux, and Netware
        • Macintosh support will be coming soon
      • Automatic Caching System (ACS)
        • Critical patches are automatically downloaded and cached locally through the subscription
    •  
    • Inside the Agent
    • PatchLink Update Server PatchLink Update Ran as System User Agent Processes Client Agent XML Deployments Agent Policies XML Authentication Encryption Files: Download Verify Destination Post Script #2 (WSH) Reboot Check Post Script #1 (CMD) Pre-Script (WSH) Upload Results
    • Agent Architecture Client Agent Detection Agent MSXML WININET WSH CAPI WinSock 2 TCP/IP SYSTEM USER PatchLink Update DAGENT.EXE
    • Agent Features
      • Built-in security
        • Checks vendor digital signature
        • Check PLUS CRC
        • Can be delivered via SSL
      • Patch signature
        • Each computer is scanned for patch signatures and fingerprints
      • Patch Fingerprinting 
        • Each patch is written with a number of identifiers that determine whether a patch is installed
    • Agent Features (Cont.)
      • Chained installation
        • Special q-chain task
        • Ensures proper .dll precedence
        • Required to run after multiple patches on NT
        • Recommended on Windows 2000
    • Agent Features (Cont.)
      • Workstation inventory (discovery agent)
        • Scan for
          • Hardware
          • Software
          • Services
          • Patch Fingerprints
      • Resume-able downloads
        • If a computer disconnects from the network, the download of the patch will resume once the connection is reestablished
      • Mobile-user enabled
        • Computers do not need to be connected to the network to deploy patches
        • Patches will begin to deploy once the computer is reconnected.
    • Update Server Client Agent Policy =5min The Agent Behavior Computer with Agent Q)Work to do? A)NO! Q)Work to do? A)NO! Q)Work to do? A)NO! Q)Work to do? A)NO! Q)Work to do? A)YES.. GET PkgID 02342344-0001-9900-13459801AE02
    • Get finger prints Client Agent Detection Agent Update Server ResultsPass 1 ResultsPass 2 ResultsPass 3
      • After every sub replication…
      • After each deployment set…
      • Weekly refresh of all data…
      Fingerprint and Inventory Scan Computer with Agent Q)Work to do?
    •  
    •  
    • Agent Deployment
      • Red Hat Linux Agent Support
        • Versions 7.0, 7.1, 7.2, 7.3, 8.0, 9.0
      •   UNIX Agent Support
        • Solaris   v2.5, v2.6,v 2.7, v7, and v8
        • AIX  V4.3.3, v5.1, v5.2, HU-UX , FreeBSD (Coming Soon)
      •   Netware Agent Support
      • Note: The Unix / Linux agent requires the Java Runtime Environment (JRE) v1.2.2 or above, and can only be installed in single agent mode.
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    • Q & A Session www.icsi.com/patchlink Contact: Vahid Sedghi [email_address]