Stanford University Patch Management - PowerPoint PPT Presentation

1 / 11
About This Presentation
Title:

Stanford University Patch Management

Description:

A server with all relevant patches & history ... to spread the patch distribution load. Basic ... Policy Based Patching. 150151 Issues Remediated /52 weeks ... – PowerPoint PPT presentation

Number of Views:100
Avg rating:3.0/5.0
Slides: 12
Provided by: cedbe
Category:

less

Transcript and Presenter's Notes

Title: Stanford University Patch Management


1
Stanford University Patch Management
2
Whos involved?
  • Campus-Wide Working Group
  • Computer Science
  • Earth Sciences
  • Graduate School of Business
  • Internal Audit
  • ITSS
  • Medical School
  • Residential Computing
  • Participating in the Central Patch Management
    Service
  • Graduate School of Business
  • Law School
  • School of Earth Sciences
  • School of Medicine
  • School of Education
  • School of Humanities and Science
  • School of Engineering
  • 100 Departments

3
Challenges
  • Clear it takes Proactive Management
  • Centralized Service
  • Agent Based
  • Distributed Management
  • Scaleable
  • Secure
  • Target Stanford Campus
  • BigFix Enterprise Suite (BES) selected

4
BigFix Patch Manager
  • A tool / service designed to manage the
    application of patches to hosts
  • Components
  • An agent on each desktop and laptop computer
  • A server with all relevant patches history
  • One or more consoles to manage / monitor the
    process
  • Relay servers to spread the patch distribution
    load
  • Basic process
  • Server provides new vulnerability information
  • Agent signals if its host needs remediation
  • Administrator releases patch to selected hosts

5
Patch Management (continued)
  • The BigFix Enterprise Suite (BES)

Fixed
Internet
6
Patching Procedures and Process
  • Routine Non-security patch
  • Handled locally
  • As it is handled today or
  • Use patch management tool locally
  • Routine Security patch
  • No known exploits
  • Patch tested centrally and
  • Patch tested locally
  • Patch released after brief wait
  • High-risk security patch
  • Exploits known to exist
  • CISO and CIO determine the rollout timeline

7
BigFix Stanford Info
  • 11200 Clients Deployed
  • Patch in 11 different languages
  • English, Brazilian Portuguese, Czech, French,
    German, Italian, Japanese, Korean, Polish,
    Chinese, Spanish
  • Policy Based Patching
  • 150151 Issues Remediated /52 weeks
  • Blank Password on Admin account detection
  • Property Retrieval on Stanford Applications

8
Centrally Tested Platforms
  • NT 4.0 Workstation SP 6a (.75)
  • Windows 2000 Professional SP 4 (32.97)
  • 2003 Server, (1.26)
  • Windows XP (64.07)
  • Windows ME (0.17)
  • Windows 98 SE (0.74)
  • Note that most recent Service Pack and security
    patches will continue to be the centrally tested
    platforms

9
Managing Patch Management
10
BigFix Enterprise Console
Fixlets by name
Relevant Fixlet Messages
Fixlets needed on this computer
11
Web Reports
Computers in the network with the BigFix agent,
reported over time
Computer vulnerability breakdown by severity
Top 10 Issues identified on the computers in the
network
12
BeyondPatching
  • Inventory
  • Anti Virus Status
  • Anti Virus Definition Updates
  • Infected Machine Detection
  • Worm Removal
  • Future
  • Software Deployment
  • Desktop Configuration Management
  • MAC/Unix Clients
  • Spy Ware Integration
  • Firewall Integration

13
  • Questions
  • http//patching.stanford.edu
  • www.stanford.edu/dept/itss/services/bigfix/bigfix-
    faq.html
  • Bigfix-questions_at_lists.stanford.edu
Write a Comment
User Comments (0)
About PowerShow.com