Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. Welcome To Patchlink Technology Overview Vahid Sedghi [email_address]
  2. 5. Copyright Copyright © © PatchLink PatchLink ® ® 2003 All Rights Reserved 2003 All Rights Reserved Enterprise Patch Management Process Test <ul><li>Develop Test Plan </li></ul><ul><li>Configure </li></ul><ul><li>Install </li></ul><ul><li>Test and Validate </li></ul><ul><li>Verify Requirements </li></ul>Plan <ul><li>Schedule </li></ul><ul><ul><li>Resources </li></ul></ul><ul><ul><li>Personnel </li></ul></ul><ul><li>Develop Scripts </li></ul>Pilot <ul><li>Repeat: x times </li></ul><ul><ul><li>Login </li></ul></ul><ul><ul><li>copy </li></ul></ul><ul><ul><li>Install </li></ul></ul><ul><ul><li>Reboot </li></ul></ul><ul><ul><li>Verify </li></ul></ul><ul><ul><li>Test </li></ul></ul>Rollout <ul><li>Repeat: y times </li></ul><ul><ul><li>Login </li></ul></ul><ul><ul><li>copy </li></ul></ul><ul><ul><li>Install </li></ul></ul><ul><ul><li>Reboot </li></ul></ul><ul><ul><li>Verify </li></ul></ul><ul><ul><li>Test </li></ul></ul><ul><li>Support </li></ul>Monitor <ul><li>Enforce/Validate </li></ul><ul><li>Subscriptions: </li></ul><ul><ul><li>Vendors </li></ul></ul><ul><ul><li>Newsgroups </li></ul></ul><ul><li>Web Searches </li></ul><ul><ul><li>Vendor </li></ul></ul><ul><ul><li>Assoc </li></ul></ul><ul><ul><li>CERT/NIST etc. </li></ul></ul><ul><li>Prelim Assess </li></ul>Research <ul><li>Investigate </li></ul><ul><li>Assess Impact </li></ul><ul><li>Dependencies </li></ul><ul><li>Identify Targets </li></ul><ul><li>H/W and S/W Requirements </li></ul>
  3. 9. Subscription Agent MSXML Agent Web Services CAPI PLHOST HTTP(s) User Web Application WININET w3svc mssqlserver PatchLink Update PLUS Web Site (Inet Info) SQL Server PLUS Processes XML Authentication SSL Encryption HTML Authentication Encryption XML Authentication Encryption
  4. 10. HTTP PLUS Architecture Sub Agent SQL Srvr Agent MSXML WININET ADODB CAPI WinSock 2 TCP/IP HTTPS Inet Info Service MSVBVM60 PES40 WININET GravitixISAPI MS SQL Server .JSE Jobs w3svc mssqlserver sqlserveragent PatchLink Update
  5. 13. Server Features (cont.) <ul><li>Built-in security </li></ul><ul><ul><li>Subscription replication is always encrypted </li></ul></ul><ul><ul><li>PLUS server to agent communications can be encrypted </li></ul></ul><ul><ul><li>All packages are checked for digital signatures and CRC checked prior to installation </li></ul></ul><ul><li>Support for multi-vendors patches </li></ul><ul><ul><li>Many operating systems are supported </li></ul></ul><ul><ul><li>Many software vendors are supported </li></ul></ul><ul><ul><li>Addition support can be achieved through custom packages and the developers kit </li></ul></ul>
  6. 14. Server Features (cont.) <ul><li>Mandatory patch policy with automatic deployment </li></ul><ul><ul><li>Mandatory patch baseline per group </li></ul></ul><ul><ul><li>Requires thoughtful design to prevent unexpected behavior </li></ul></ul><ul><li>Patch Compliance Assurance Mechanism (PCAM TM ) </li></ul><ul><ul><li>Lock down inventory and receive alerts when changes occur to hardware, software, or services </li></ul></ul>
  7. 15. Server Features (Cont.) <ul><li>Content replication </li></ul><ul><ul><li>PLUS server automatically downloads new content daily over SSL link </li></ul></ul><ul><li>Software distribution </li></ul><ul><ul><li>Create custom software distribution packages </li></ul></ul><ul><li>Content import/export </li></ul><ul><ul><li>For use in networks without Internet access </li></ul></ul><ul><ul><li>For use in secure networks </li></ul></ul><ul><ul><li>For replication of custom patches </li></ul></ul>
  8. 16. Server Features (Cont.) <ul><li>Building custom patches </li></ul><ul><ul><li>Wizard based package creation utility </li></ul></ul><ul><ul><li>Can also be used to distribute .reg and .pol files </li></ul></ul><ul><li>Recurring distribution task </li></ul><ul><ul><li>Use with anti virus definitions </li></ul></ul><ul><ul><li>Database or file distribution </li></ul></ul><ul><li>Network Vulnerabilities Assessment </li></ul><ul><ul><li>Daily scans each computer to check for software based vulnerabilities </li></ul></ul>
  9. 17. Server Features (Cont.) <ul><li>Fully automatic disaster recovery </li></ul><ul><ul><li>Agents automatically re-register with the PLUS server. </li></ul></ul><ul><li>Multiple operating system support </li></ul><ul><ul><li>Deploy patches to UNIX, Linux, and Netware </li></ul></ul><ul><ul><li>Macintosh support will be coming soon </li></ul></ul><ul><li>Automatic Caching System (ACS) </li></ul><ul><ul><li>Critical patches are automatically downloaded and cached locally through the subscription </li></ul></ul>
  10. 19. Inside the Agent
  11. 20. PatchLink Update Server PatchLink Update Ran as System User Agent Processes Client Agent XML Deployments Agent Policies XML Authentication Encryption Files: Download Verify Destination Post Script #2 (WSH) Reboot Check Post Script #1 (CMD) Pre-Script (WSH) Upload Results
  12. 21. Agent Architecture Client Agent Detection Agent MSXML WININET WSH CAPI WinSock 2 TCP/IP SYSTEM USER PatchLink Update DAGENT.EXE
  13. 22. Agent Features <ul><li>Built-in security </li></ul><ul><ul><li>Checks vendor digital signature </li></ul></ul><ul><ul><li>Check PLUS CRC </li></ul></ul><ul><ul><li>Can be delivered via SSL </li></ul></ul><ul><li>Patch signature </li></ul><ul><ul><li>Each computer is scanned for patch signatures and fingerprints </li></ul></ul><ul><li>Patch Fingerprinting  </li></ul><ul><ul><li>Each patch is written with a number of identifiers that determine whether a patch is installed </li></ul></ul>
  14. 23. Agent Features (Cont.) <ul><li>Chained installation </li></ul><ul><ul><li>Special q-chain task </li></ul></ul><ul><ul><li>Ensures proper .dll precedence </li></ul></ul><ul><ul><li>Required to run after multiple patches on NT </li></ul></ul><ul><ul><li>Recommended on Windows 2000 </li></ul></ul>
  15. 24. Agent Features (Cont.) <ul><li>Workstation inventory (discovery agent) </li></ul><ul><ul><li>Scan for </li></ul></ul><ul><ul><ul><li>Hardware </li></ul></ul></ul><ul><ul><ul><li>Software </li></ul></ul></ul><ul><ul><ul><li>Services </li></ul></ul></ul><ul><ul><ul><li>Patch Fingerprints </li></ul></ul></ul><ul><li>Resume-able downloads </li></ul><ul><ul><li>If a computer disconnects from the network, the download of the patch will resume once the connection is reestablished </li></ul></ul><ul><li>Mobile-user enabled </li></ul><ul><ul><li>Computers do not need to be connected to the network to deploy patches </li></ul></ul><ul><ul><li>Patches will begin to deploy once the computer is reconnected. </li></ul></ul>
  16. 25. Update Server Client Agent Policy =5min The Agent Behavior Computer with Agent Q)Work to do? A)NO! Q)Work to do? A)NO! Q)Work to do? A)NO! Q)Work to do? A)NO! Q)Work to do? A)YES.. GET PkgID 02342344-0001-9900-13459801AE02
  17. 26. Get finger prints Client Agent Detection Agent Update Server ResultsPass 1 ResultsPass 2 ResultsPass 3 <ul><li>After every sub replication… </li></ul><ul><li>After each deployment set… </li></ul><ul><li>Weekly refresh of all data… </li></ul>Fingerprint and Inventory Scan Computer with Agent Q)Work to do?
  18. 29. Agent Deployment <ul><li>Red Hat Linux Agent Support </li></ul><ul><ul><li>Versions 7.0, 7.1, 7.2, 7.3, 8.0, 9.0 </li></ul></ul><ul><li>  UNIX Agent Support </li></ul><ul><ul><li>Solaris   v2.5, v2.6,v 2.7, v7, and v8 </li></ul></ul><ul><ul><li>AIX  V4.3.3, v5.1, v5.2, HU-UX , FreeBSD (Coming Soon) </li></ul></ul><ul><li>  Netware Agent Support </li></ul><ul><li>Note: The Unix / Linux agent requires the Java Runtime Environment (JRE) v1.2.2 or above, and can only be installed in single agent mode. </li></ul>
  19. 42. Q & A Session Contact: Vahid Sedghi [email_address]