ZENworks - PowerPoint PPT Presentation

1 / 34

About This Presentation

Title:

ZENworks

Description:

... 24,313 http://www.cert.org/stats/ Sources: Microsoft, Deloitte, and CERT Coordination Center Data Most InfoSec Organizations are Overwhelmed Base = 1,395 ... – PowerPoint PPT presentation

Number of Views:207

Avg rating:3.0/5.0

Slides: 35

Provided by: DavidH228

Category:

Tags: zenworks

more less

Transcript and Presenter's Notes

Title: ZENworks

1
ZENworks Patch Management

with PatchLink

2
Objectives
Business Issues with patch management
ZENworks Patch Management as a solution
Architecture
Integration and deployment
3
Business Issues of patch management

Threat of attacks from viruses, worms spyware
etc.
Security Focus reported in 2003, 223
vulnerabilities in Microsoft products alone -
http//www.securityfocus.com/
174 reported as of October of 2004
Cost and time needed for obtaining and applying
updates
Many hours spent just looking for patches and
updates
Loss of productivity due to business continuity
failures

4
Patch Management Drivers

Increasing security incidents
Steady trend from 2000 to 2006
Increasing Patch Counts, Including Apps
Microsoft has released roughly 1.38 patches per
week since January 2002, all products included
Incomplete Patch Deployments
Over 90 of the security exploits are carried
out through vulnerabilities for which there are
known patches.
Poor Processes
During a 6-12 month period, approximately 20 of
machines become unpatched
Not Addressed by Software Giants
lt 5 of organizations have a satisfactory
automated patch management solution

Sources Microsoft and CERT Coordination Center
Data

Total vulnerabilities reported 1995-Q1,2006
24,313
http//www.cert.org/stats/

5
A Continuous Cycle of Infection
6
Why Security Patch Management?

Phenomenal Increased in Security Incidents
An increase of 620 from 2000
Ever Increasing Patch Counts
Microsoft has released an average of 1.38 patches
per week since January 2002, all products
included
Your Accountable!
Over 90 of the security exploits are carried
out through vulnerabilities for which there are
known patches.
Are You Really Patched?
During a 6-12 month period, approximately 20 of
machines become unpatched
Remediation Window Shrinking
The time to protect has decreased from 30 days to
just a few

Sources Microsoft, Deloitte, and CERT
Coordination Center Data
7
Current Climate
Most InfoSec Organizations are Overwhelmed
Base 1,395 Data Secure Enterprise Security
Deployment Survey, October 2004
8
The Problem

The problem is NOT that you cannot get the patch
for the vulnerability.

The problem is two fold
1
2
Knowing about the patch, its severity and its
applicability to your environment
Getting it to all of your servers and workstations
Slammer worm fastest spreading virus ever
recorded, infecting 300 machines in the network a
second. Patches for Slammer were released by
Microsoft 6 months earlier.
9
Sneakernet Patching

Sneakernet running around, manually patching
each server and desktop and then verifying the
patch (e.g. windows update)

Network Fusion says
...many network administrators essentially
tracked patch status in their head, fixing holes
on the fly. But in the last 2 years, the sheer
complexity of networks and number of patches have
rendered this approach ineffective.
10
Sneakernet - Do The Math

Medium-sized corporate network 10 servers, 1000
desktops
Average patches 2 per week

Installations Reboots 404 per day Assume fast
5 minute apply and patch 17 hours
You need to spend 17 hours each day to apply
patches!
11
ZENworks Patch Management

ZENworks Patch Management automates the process

Notification and acquisition of the patch
Displays applicable machines
Distribution to targeted devices with flexible
scheduling
Maintains patch integrity
12
Patch Management Lifecycle
13
Patch information

ZENworks Patch Management provides extensive
patch information
Know the vulnerabilities addressed
Know the severity of the risk
Know if the patch is applicable to you
Also
Full dependency resolution
Superseded patch prevention

14
Architecture overview
Patch Server
15
Agent based architectureSecurity and flexibility

ZENworks Patch Management agent provides
No NetBIOS ports required to be open outside
firewall
Bidirectional initiation of updates
Full scheduling engine
Support for intermittently connected users

16
Platform support

PatchLink Server runs on Windows 2000/2003 Server
Desktop Support
Windows 98, NT, 2000 and XP
Server Support
Windows NT, 2000 and 2003 Servers
NetWare 4.11 and later
Patch Support
Microsoft, Novell, Adobe, Real, Macromedia,
Corel, McAfee, Sophos, Authentium, Command,
Oracle, Sybase, Citrix, IBM, Compaq, Dell, Apple,
CA, Symantec, SAP and Norton

17
Target selection

Know which devices need updates
Manage individually, by group or by policy
Policy defines required patches for all devices
in your organization
Automated compliance

18
Scheduling options

Patch on your schedule
Exact time that patches are applied
When to check for new patches
How many devices to patch at once
Server initiated overrides

19
Reporting

Know the state of your organization
Graphical reports indicate status
Where are you safe
Where are you vulnerable
Device success or failure

20
Why Riverview chose ZENworks PatchLink?
21
Why Riverview chose ZENworks PatchLink?

Cost is always a significant factor for all
schools

AND
22
How is Novells PatchLink is priced?

Take the number of FTE students and multiply by
US0.50
In our case 1530 FTE _at_ AU0.70 1071.00
Allows 1530 workstations/servers to be patched
Subscription to patches valid for a year
Patches included..
Microsoft, Abobe, Macromedia, Mozilla, WinZip,
etc
Additional subscriptions can be obtained

Full support of appropriate platforms
Automated patch acquisition
Detailed information about the patch
Fully integrated security
Robust agent-based architecture
Applicable target management and selection
Scheduling options
Strong reporting
Role-based management
Minimum required patch conformance

Summary
24
ZENworks Patch Management
1

Dedicate a Windows 2000 SP2 or 2003 Server to
host your installation
Does not need to be member of domain
Needs to be a clean, vanilla server with IIS
Connection to the Internet

25
ZENworks Patch Management
2

Copy the Patch Management agent
Include agent as an Application Object in
ZENworks
Use Deployment Agent Wizard to roll agent out via
a domain
Individual installation

26
ZENworks Patch Management
3

Allow devices to register and perform analysis
and server to retrieve patch information
Analyze the managed devices
Transmit information to ZENworks Patch Management
server
Generate vulnerability reports

27
(No Transcript)
28
(No Transcript)
29
ZENworks Patch Management
4

Review vulnerability reports and deploy patches
Review which patches are required for your
environment
Select patches to deploy

30
(No Transcript)
31

Configuration set on Server on how often the
agent will contact the Patch Server

Agent uses patented technology to keep resource
consumption down to approximately 8 on the
workstation
Because of the CPU throttling, the agent will not
consume entire connection while retrieving patches
Agent will remain fairly undetectable to the user
32

In a basic installation of the ZENworks Patch
Management server you will received the MSDE
engine for the database support.
This will support 200 client devices
To grow larger, you must install MS SQL Server on
the Patch Server. This can allow support up to
10,000-15,000 client devices.
To give good performance on a 5,000 device
server, recommend dual processor, 4GB machine.

Each server in your environment is an independent
installation. They do not know about or
cooperate with one another.
Each server requires its own key. This key is
also provided to each agent as it is installed.
The agent cannot be moved to another patch server
without uninstalling the agent and reinstalling
with the other server key.
Only Novell ZENworks Patch Management keys will
work with ZENworks Patch Management software.
And Novell software will only work with Novell
keys.

34
Contact Details