Developing Patch Management Best Practices
An In-Depth Technical Webcast

Today’s Agenda

• Introduction
• Curing Your Patch Management Headache with Lessons Learned from the Field
» Laying the Groundwork
» Before Patch Tuesday
» On Patch Tuesday
» After Patch Tuesday
• Q&A

Today’s Panelists

• Russ Ernst, Group Product Manager, Lumension
• Jim Czyzewski, Supervisor – Clinical Desktop Support, MidMichigan Medical Center

Why Is Patch Management Important

Sources of Endpoint Risk
• 5%: Zero-Days
• 30%: Missing Patches
• 65%: Misconfigurations

Today’s Endpoint Security Stack
• AV
• Device Control
• Application Control
• Patch & Configuration Management

Benefits of a Solid Patching Process
• Malware Costs Money
• Patching Reduces Target Size

Patch Management Best Practices

[Diagram: the Patch Management Process as a cycle of four phases: Laying the Groundwork, Before Patch Tuesday, On Patch Tuesday, After Patch Tuesday]

Laying the Groundwork
Laying the Groundwork | Week Before | Patch Tuesday | Week After

Discover Assets

Agent Maintenance
Lumension Reporting Services (LRS)

Classify Value and Risk

Establish Workflow and Groups


• Users
• Roles
• Groups

Identify Test Groups

Staff Training
Learning Portals

Before Patch Tuesday

Prepare Resources
• Schedule Resources
» Allocate IT resources for Patch Tuesday while also integrating additional patch
release schedules from third-party applications, such as Adobe, Apple (ad
hoc), Java and so forth
» Review the patching needs of any internally-developed applications and/or
custom patches and consider deploying these patches as part of the monthly
patch cycle

• Reserve Down-Time for Servers
» Reserve time slots to be able to deploy patch updates to any mission-critical
servers within 72 hours of the Patch Tuesday release

Watch for Pre-Announcements

Confirm Reporting Up-to-Date

Deploy Missing Updates and Pre-Requisites

On Patch Tuesday

Study Information and Security Briefings

• Important information to consider when understanding the impact of Patch Tuesday on your environment includes:
» Bulletin Severity
» Whether or not the vulnerability is known/publicly disclosed at the time of release
» Whether the vendor knows of any active exploits at the time of release
» Value of the asset being patched

Prioritize Potential Patches

Test and Install Patches


• Follow Internal Change Control Planning and Approval Process

• Staged Testing
» Deploy applicable bulletins to test groups
» Ensure successful deployment before rollout to additional groups in the environment
» Pay special attention to impact to custom-developed, internal applications

• Staged Deployments

After Patch Tuesday

Deployment History

Calculate Time to Deploy

Monitor for Compliance


Mandatory Baseline

Continuous Improvement
• Checks and Balances
» Review the Effectiveness of Patch Tuesday Remediations

• Metrics Improvement
» Modify system settings, distribution parameters and so forth to further optimize
the system for next month’s updates
» WAN optimization, polling frequency and minimizing the patches being
detected can all help further optimize performance
» Look for computers that did not receive updates at all or those that took
unusually long to receive updates
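
An added example, not part of the webcast or of any Lumension product: a post-cycle review that computes time to deploy per endpoint and flags the cases named above. The 72-hour window for mission-critical servers comes from the slides; the record layout, host names, dates and the "3x the median" threshold for "unusually long" are assumptions.

```python
from datetime import datetime, timedelta
from statistics import median

RELEASE = datetime(2024, 1, 9, 18, 0)   # constructed Patch Tuesday release time
CRITICAL_WINDOW_H = 72                  # from the slides: mission-critical servers within 72 hours
SLOW_FACTOR = 3                         # assumption: "unusually long" means > 3x the median

# Constructed deployment history: (endpoint, mission_critical, installed_at or None)
HISTORY = [
    ("ws-001",   False, datetime(2024, 1, 10, 9, 0)),
    ("ws-002",   False, datetime(2024, 1, 10, 15, 0)),
    ("ws-003",   False, datetime(2024, 1, 11, 9, 0)),
    ("ws-004",   False, datetime(2024, 1, 19, 9, 0)),
    ("srv-db1",  True,  datetime(2024, 1, 11, 2, 0)),
    ("srv-ehr1", True,  datetime(2024, 1, 13, 22, 0)),
    ("kiosk-07", False, None),          # agent never reported an install
]

def time_to_deploy(history, release):
    """Hours from patch release to install, per endpoint (None = never installed)."""
    return {name: None if done is None else (done - release) / timedelta(hours=1)
            for name, _, done in history}

def review(history, release):
    """Split endpoints into the follow-up lists a post-Patch-Tuesday review needs."""
    ttd = time_to_deploy(history, release)
    med = median(h for h in ttd.values() if h is not None)
    report = {"median_hours": med, "never_patched": [], "slow": [], "critical_late": []}
    for name, critical, _ in history:
        hours = ttd[name]
        if hours is None:
            report["never_patched"].append(name)
        elif hours > SLOW_FACTOR * med:
            report["slow"].append(name)
        # A critical server is late if it missed the window or never installed at all.
        if critical and (hours is None or hours > CRITICAL_WINDOW_H):
            report["critical_late"].append(name)
    return report

if __name__ == "__main__":
    for key, value in review(HISTORY, RELEASE).items():
        print(f"{key}: {value}")
```

In the constructed data, srv-ehr1 misses the 72-hour window without being slow relative to the fleet, which is why the two checks are kept separate.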

Q&A
More Information

• Free Vulnerability Scanner Tool
» Discover all OS and application vulnerabilities on your network
http://www.lumension.com/Resources/Security-Tools/Vulnerability-Scanner.aspx

• Get a Quote (and more)
http://www.lumension.com/vulnerability-management/patch-management-software/buy-now.aspx#6

• Lumension® Patch and Remediation
» Online Demo Video:
http://www.lumension.com/vulnerability-management/patch-management-software/demo.aspx
» Free Trial (virtual or download):
http://www.lumension.com/vulnerability-management/patch-management-software/free-trial.aspx

Global Headquarters
8660 East Hartford Drive
Suite 300
Scottsdale, AZ 85255

1.888.725.7828
info@lumension.com
http://blog.lumension.com
