Remote Worker Series (part 2): Patch your workplaces at home, in a meeting center or in the office
•Download as PPTX, PDF•
0 likes•107 views
This document discusses Ivanti's patch management solutions for enabling remote workers. It describes how the rise in remote work has increased security risks from unpatched systems. Ivanti offers several products that can help organizations continuously patch systems whether in the office or remote. These include Ivanti Patch for SCCM, Patch for Endpoint Manager, standalone patching, and Security Controls for comprehensive vulnerability management. The solutions allow organizations to securely patch remote desktops, servers, and other systems without requiring a VPN.
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to Remote Worker Series (part 2): Patch your workplaces at home, in a meeting center or in the office
Similar to Remote Worker Series (part 2): Patch your workplaces at home, in a meeting center or in the office (20)
More from Ivanti
More from Ivanti (20)
Recently uploaded
Recently uploaded (20)
Remote Worker Series (part 2): Patch your workplaces at home, in a meeting center or in the office
- 1. Remote Worker Series (part 2) Patch your workplaces at home, in a meeting center or in the office
- 2. Agenda Introduction Ivanti Patch Management Questions Closing
- 3. Who are we Nicklas Isaksson Sr. Sales Engineer Peter Hensdal Territory Manager – SE+FI Pierre Blom Regional Director- Nordics
- 5. The Enterprise BeforeThe Enterprise Now Internet VPN • Home Working Increase • More Remote Meetings • Maintain Productivity • Additional Security
- 6. Enabling Your Remote Worker Business Problems: 1. Increase in Remote Users 2. Saturated VPN connections 3. Business Continuity IT Problems: 1. Keep Them Secure 2. Keep Them Productive 3. Deliver IT Services Remotely 4. Keep insight
- 8. of attacks use publicly known vulnerabilities in commercial software that could be prevented by regular patching. Center for Strategic & International Studies “ ” 75%
- 9. of reported vulnerabilities come from third-party applications . National Vulnerability Database “ ” 86%
- 10. FIRST 5 CIS CONTROLS - #3 CIS & other agencies prioritize these five elements of cyber hygiene to significantly reduce security threats. I n v e n t o r y a n d C o n t r o l o f H a r d w a r e A s s e t s I n v e n t o r y a n d C o n t r o l o f S o f t w a r e A s s e t s C o n t r o l l e d U s e o f A d m i n i s t r a t i v e P r i v i l e g e s C o n t i n u o u s V u l n e r a b i l i t y M a n a g e m e n t S e c u r e C o n f i g u r a t i o n
- 11. IN 2019 THE AVERAGE TIME FROM VULNERABILITY DISCLOSURE TO EXPLOIT IS NOW 14 DAYS AND EVER DECREASING GARTNER PREDICTS BY 2022 90% OF VULNERABILITIES EXPLOITED WILL BE KNOWN TO ADMIN AT TIME OF EXPLOIT WHY IS THAT? • PATCHES NOT BEING ROLLED OUT FAST ENOUGH • PATCH MANAGEMENT PROCESS IS A TIME CONSUMING ACTIVITY • BAD GUYS GETTING BETTER AT EXPLOITING CODE • COMPANIES NOT MANAGING RISK • LACK OF SECURITY RESOURCE THE ENEMY THAT IS TIME
- 12. Poll result: What kind of patch solution is used
- 13. Ivanti Patch Products • Patch the datacenter and remote desktops • Agentless or Agent based • Support Windows, RedHat, CentOS • VMware ESX and VM’s patching • Standalone patch for local and remote desktops and servers • Supports Windows, MacOS, Linux • Add-on to Endpoint Manager • Third-party patching for Microsoft SCCM
- 14. Which Ivanti solution would you like to know more about? Patch for SCCM Patch for EPM Patch intelligence Security Controls
- 16. ©2020Ivanti.ProprietaryandConfidential Microsoft System Center Patch Coverage What about these? Microsoft System Center Patch Coverage
- 17. ©2020Ivanti.ProprietaryandConfidential Ivanti Patch for SCCM Leads Patch Management Native plug-in for SCCMExtensive software catalog No added infrastructure Pre-tested packages Compliance reporting CVE Import .
- 18. ©2020Ivanti.ProprietaryandConfidential SCCM WSUS Ivanti Patch For SCCM WSUS Content Publish Auto Import Sync • Tested patches/installation • Add installation switches/scripts • Add other Metadata
- 20. Which Ivanti solution would you like to know more about? Patch for SCCM Patch for EPM Patch intelligence Security Controls
- 22. ©2020Ivanti.ProprietaryandConfidential Security Controls Ivanti Patch for Datacenter Data Center OS and third-party application patch management Virtualization • Agentless • Hypervisor Patch • Online / Offline / Template support • Snapshot rollback support Physical • Agentless • Agent • Discovery • Onsite and offsite using Ivanti Protect Cloud On-network and off- network patching using Ivanti Protect Cloud Client Workstations PowerShell API
- 24. ©2020Ivanti.ProprietaryandConfidential Virtual Infrastructure Patching Get inventory of VMs with VMware integration Agentless patch for virtualization • Keep VMs efficient • No additional agents • Find rogue VMs Patch online VMs • Snapshot before patching Patch Hypervisor (ESXi) Patch offline VMs • Insert patch file • Isolate VM • Boot, install, shut-down • Re-enable Patch VM templates
- 25. ©2020Ivanti.ProprietaryandConfidential Security Controls Console & Server Machine Group 1 Machine Group 2 Agentless Architecture XML Scan • We are software installed on a physical or virtual server. The console provides admin access to create and manage your Protect environment • The server is connected to the internet • New patches come out from MS and 3rd party companies • The Ivanti content team creates the Patch Content XML. That XML is downloaded to the Protect server automatically • Machine Groups allow you to organize the machines you want to manage • The patch scan will find installed OS, MS applications and 3rd party apps. Security Controls will determine what patches are missing and display as a list of missing patches for each machine • The results of the scan can be viewed in a report • Security Controls will download the required patch files from the venders for you to a central repository. • Then deployed to each machine for installation. We are trying to minimum the total of reboots, installing as many patches as possible before a reboot is required.
- 26. ©2020Ivanti.ProprietaryandConfidential Security Controls Console & Server Machine Group 1 Machine Group 2 XML Agent Policy XML Agent Architecture • By design, laptops are frequently disconnected from the work domain. • An Agent can be installed, a policy defined, and the laptop can be managed remotely. • The Agent will get the XML data from Ivanti automatically and scan the laptop. • The Agent will attempt to connect to the Security Controls server. If it fails, the Agent would connect to the Ivanti Cloud. • The Agent will then upload any scan results or deployment information to the Ivanti Cloud. • The Agent would also check to see if the Policy had be changed or updated, and if yes, would download and reconfigure the Agent.
- 27. Which Ivanti solution would you like to know more about? Patch for SCCM Patch for EPM Patch intelligence Security Controls
- 29. ©2020Ivanti.ProprietaryandConfidential Patch for Endpoint Manager Ivanti Patch for Endpoint Manager Data Center OS and third-party application patch management Virtual • Rollout workflow • Drivers • Virusscanner definitions Physical • Agent • Discovery • Onsite and offsite using Cloud Service Appliance On-network and off- network patching using Cloud Service Appliance Client Workstations SOAP API
- 30. Internet Cloud Service Appliance(s) No VPN Required Patch compliancy insights Centralized Patch Repository Download patches over CSA or direct from Vendor Secure Remote Worker Productivity
- 32. ©2020Ivanti.ProprietaryandConfidential User reports on a broken application
- 33. ©2020Ivanti.ProprietaryandConfidential View all patches that impact the user reported applications
- 34. Import CVEs detected by other tools into EPM
- 35. ©2020Ivanti.ProprietaryandConfidential The patch you have to install to fix the CVE Create a group for all patches that solve those CVEs Origin patch that solved this CVE
- 37. Which Ivanti solution would you like to know more about? Patch for SCCM Patch for EPM Patch intelligence Security Controls
- 40. Q&A
- 41. Remote Worker offer Free offer until 31st October 2020 Additional support and insight to maintain control over your remote workers. Contact your Territory Manager for more information. Peter.hensdal@ivanti.com or +46 705513920. 1 Discover Provide Insight Take Action 2 3
Editor's Notes
- http://csis.org/files/publication/130212_Lewis_RaisingBarCybersecurity.pdf
- The CIS Critical Security Controls are a recommended set of actions for cyber defense that provide specific and actionable ways to stop today's most pervasive and dangerous attacks. A principal benefit of the Controls is that they prioritize and focus a smaller number of actions with high pay-off results. The Controls are effective because they are derived from the most common attack patterns highlighted in the leading threat reports and vetted across a very broad community of government and industry practitioners. They were created by the people who know how attacks work - NSA Red and Blue teams, the US Department of Energy nuclear energy labs, law enforcement organizations and some of the nation's top forensics and incident response organizations - to answer the question, "what do we need to do to stop known attacks." That group of experts reached consensus and today we have the most current Controls. The key to the continued value is that the Controls are updated based on new attacks that are identified and analyzed by groups from Verizon to Symantec so the Controls can stop or mitigate those attacks. The Controls take the best-in-class threat data and transform it into actionable guidance to improve individual and collective security in cyberspace. Too often in cybersecurity, it seems the "bad guys" are better organized and collaborate more closely than the "good guys." The Controls provide a means to turn that around.
- Extensive software catalog - Patch most vulnerable enterprise software titles Native plug-in for SCCM - View third-party patches and control the patching process all from within the SCCM console. No added infrastructure - Leverage your existing investment in SCCM by using the same mechanisms already in place for software patching. Compliance reporting - Use SCCM reporting to view the status of the delivery of third-party patches. Ease of use - Never leave the SCCM console to deploy third-party patches. A simple click deploys third-party software updates. Pre-tested packages - Ivanti patching database leads the industry in extensive pre-download testing. Be confident in patching.
- Let’s take a look at the Patching process Build 1 We are software installed on a physical or virtual server The console provides admin access to create and manage your Protect environment Build 2 The server is connected to the internet Build 3 New patches come out from MS and 3rd party companies Build 4 – 5 - 6 The Ivanti content team creates the Patch Content XML That XML is downloaded to the Protect server automatically Build 7 Machine Groups allow you to organize the machines you want to manage Build 8 The patch scan will find installed OS, MS applications and 3rd party apps protect will determine what patches are missing and display as a list of missing patches for each machine Build 9 The results of the scan can be viewed Build 10 Patch for Windows will download the required patch files from the venders for you They are downloaded to a central repository Then deployed to each machine for installation. We are trying to minimum the total of reboots, installing as many patches as possible before a reboot is required.
- Agentless works great if all the machines are always on and always connected. But what about laptops. By design, they are frequently disconnected from the work domain. In some cases, a laptop may never be connected to the work domain. A Patch for Windows Agent can be installed, a policy defined, and the laptop can be managed. The Agent will get the xml data from Ivanti automatically, scan the laptop using a Scan Template. At a configurable time, the Agent will attempt to connect to the Patch for windows Console server. It would fail because of firewall security. The Agent would then connect to the Ivanti Cloud. The Agent will then upload any scan results or deployment information to the Ivanti Cloud. The Agent would also check to see if the Policy had be changed or updated, and if yes, would download and reconfigure the Agent.
- This is one way to please you Change Control Board – make all your software installations and updates automated and routine. Automate large or especially regular projects Software Distribution Patching Built in project management tools like Gantt Charts
- Free Ivanti Cloud till 31st October, but “only” for existing customer. This would allow the customer to remotely monitor and manage devices which is great now that people are working from home. It’s not a replacement for e.g. SCCM, but it could be a great tool for IT-departments who want an easy solution to manage devices in critical times. SCCM does not work that great for remote devices as it in most cases require a VPN tunnel (virtual connection to their corporate network) to manage the devices. Ivanti Cloud Customer Registration: https://go.ivanti.com/web-Free-Trial-Remote_Workers_Cloud-EN.html https://www.ivanti.com/products/ivanti-cloud Q: Where can customers find more technical information on Ivanti Cloud? A: Information on how to get started with Ivanti Cloud, technical documentation, and other technical resources are available here: https://forums.ivanti.com/s/ivanti-cloud Q: How can Ivanti Cloud help customers with their challenges of an expanded remote workforce? A: Ivanti Cloud benefits: Provide a common user experience for all levels of analysts that acts as a console to all data, alerts, automation, and actions. Automate actions and triggers built or scripted that can point to resulting actions both in the cloud or on-prem. See vulnerabilities in real-time like disabled Windows firewalls or encryption that isn’t turned on and take care of them with the click of a button. Get insights from machine learning and AI by pulling data from across your organization Resolve remote problems without a remote-control session for common issues like viewing a device’s task manager, starting and stopping services, troubleshooting a network outage, and executing scripts. Remote-control nearly any desktop from any device with secure, browser-based access.
- Next webinar Nordics