Patch Management - PowerPoint PPT Presentation

Provided by: insass
Transcript and Presenter's Notes

Title: Patch Management


1
Patch Management
Patch Management Best Practices
Steve Thamasett, CISSP, MCSE, NSA IAM
November 7, 2003
2
Agenda
  • Current Patch Management Situation
      • State of connected devices / users
      • Spread rate for Code Red
  • Business Drivers and Challenges
      • Lost revenue due to downtime
  • The INS Solution
      • Process based
  • Patch Management Service Features and Benefits
      • Phase by phase descriptions
  • Case Study

3
Current Situation
1 Source: Forrester Research
2 Source: Information Week, 26 November 2001
3 Source: Netcraft summary
4 Source: Computer Security Institute (CSI) Computer Crime and Security Survey 2002
5 Source: CERT, 2002
4
Code Red Virus Infection
July 19, 2001, 00:00: 159 hosts infected
5
Code Red Virus Infection
12 hours later: 4,920 hosts infected
6
Code Red Virus Infection
12 hours later (24 total): 341,015 hosts infected
January 2003, SQL Slammer worm: same spread in TEN MINUTES
7
Business Drivers
  • New vulnerabilities released daily
  • Widespread publicity leads to releases of exploits
  • Vendors must provide quick turnaround on patches

8
Business Challenges
  • Internet facing systems typically patched first
  • Two fundamental past assumptions
      • The threat of attack from insiders is less likely
        and more tolerable than the threat of attack from
        outsiders.
      • A high degree of technical skill is required to
        successfully exploit vulnerabilities, making the
        probability of attack unlikely.
  • Threat profile and potential risks have increased
      • Viruses can now be delivered through common entry
        points, automatically executed, and then search
        for exploitable vulnerabilities on other
        platforms.

9
Our Business-Centric Approach
  • Patch Management is a Process, not a Tool
  • Links Business Imperatives to Network Solutions
  • Quantify value of new initiatives
  • Optimize existing infrastructure
  • Identify best-of-breed solutions
  • Employ proven best practices and methodologies
  • Collaborative infrastructure and culture to
    multiply consultant value
  • Knowledge transfer for sustainable results
  • Formal quality program from initiation to
    close-out

10
The INS Solution
  • Patch Management Service
  • Facilitate and establish a patch management
    process
  • Plan and design a comprehensive patch management
    process
  • Assist in the Implementation of the process

11
Patch Management - Features
  • Network Device and Host Inventory
  • Determines your organization's network and host
    inventory.
  • A clear understanding of the devices and hosts
    within the organization's infrastructure must be
    defined and inventoried.

12
Patch Management - Features
  • Network Device and Host Assessment
  • Maps your IT infrastructure to the patch
    management process.
  • Suggested patch management solutions based upon
    findings

13
Patch Management - Features
  • Patch Monitoring and Discovery
  • Builds the procedures for monitoring patches as
    they are released.
  • Includes monitoring of all appropriate security
    intelligence sources required to identify any
    exposures or vulnerabilities that may impact the
    organization.

14
Patch Management - Features
  • Patch Evaluation
  • Investigate, evaluate and test patches in
    accordance with business objectives, security and
    IT operational goals.
  • Generation of a formal plan and documentation to
    govern the testing based on the type of system
    and vulnerability

15
Patch Management - Features
  • Patch Implementation
  • Develop tools and templates to integrate with
    your change management policy.
  • Develop the standard Security Advisory template
  • Develop the procedures for the patch to go from
    testing, to implementation, including updating
    standard builds as needed.

16
Patch Management - Features
  • Patch Maintenance
  • Develop tracking and reporting mechanisms
  • Develop security awareness processes

17
Patch Management - INS Expertise
  • Strength of Security, Operating Systems, and
    Network and Systems Management consulting
    expertise
  • Successful track record
  • INS has the expertise and business-focused
    methodology to identify and quantify operational
    risk, engineer the right management and delivery
    process, and align quantifiable results to our
    customers' business goals

18
Patch Management - Benefits
  • Proactively identify and remediate IT security
    vulnerabilities
  • Focuses IT and security on the right set of
    problems to address
  • Improved service performance and availability by
    optimizing business and systems processes
  • Adds value to ongoing business initiatives,
    business continuity, reducing operating costs,
    and security mandates

19
Patch Management - Deliverables
  • Executive summary report
  • A patch management process
  • Recommendations and a plan for implementing a
    patch management process
  • Plan for maintaining the patch management process
    lifecycle
  • Client Engagement Book
  • Knowledge transfer

20
CS Patch Management
  • Government contractor in healthcare space
  • DITSCAP and HIPAA concerns
  • Server / Workstation profile
      • One primary datacenter (50 Wintel servers)
      • 25-30 remote locations (1-3 Wintel servers each)
      • 1000 seats total (Wintel platform)
  • Requirements
      • Server / workstation hardening
      • Process for maintaining secure environment
      • DoD oversight for security
      • Periodic network and system scans
      • Review of process and procedures

21
CS Patch Management
  • Discovery Phase
      • Network scans using ISS
      • System scans with HFNetChk / MBSA
  • Assessment Phase
      • System scans with SRR scanner
      • Issues with vendor provided systems
  • Patch Monitoring / Evaluation Phase
      • Development of regular list monitoring
      • Developed lab for testing
  • Patch Implementation Phase
      • Change management process
      • Patch evaluation and deployment process

22
The INS Advantage
Customer-centric, business-driven approach
  • Our primary approach is to relate technology
    strategies to business objectives
  • We employ our highly documented Business Value
    Justification (BVJ) methodology throughout each
    engagement to ensure that measurable business
    value is delivered in terms of increased
    productivity, cost avoidance, asset protection,
    and business enablement.
  • Our team works side-by-side with our customers'
    team to develop tailored solutions that meet
    their objectives
  • We focus on knowledge transfer to ensure that
    your staff becomes self-sufficient quickly

23
The INS Difference
  • Vendor independence
  • Optimal solutions to build, manage, and secure
    your network
  • Business-centric focus
  • Link business imperatives to network solutions
  • Experience
  • 15,000 engagements
  • Expertise
  • 1,200 certifications in 96 categories
  • Mature support systems
  • KnowledgeNet
  • Quality assurance program
  • Collaborative culture
  • Engage one, get the team

24
Thank you
  • Steve Thamasett, CISSP, MCSE, NSA IAM
  • Email: steve.thamasett_at_ins.com
  • Web: www.ins.com