Professional Documents
Culture Documents
Vulnerability and Patch Management
Vulnerability and Patch Management
Vulnerability and Patch Management
What is
Vulnerability Management?
Combination of management and security tools into one
product. Examples of Management tools:
– Automated documentation for disaster recovery
– Disk space analysis
– Content scanning (MS Exchange)
– Mailbox moves (MS Exchange)
– Change impact analysis (MS SQL)
According to Gartner:
Security continues to be one of the top three
issues for CIOs.
Windows, IIS and SQL Server are the three key
areas prone to attack.
2004 was the first time that the security budget
for the average enterprise constituted more than
5% of the overall IT budget – showing up on the
CIO’s pie chart
Why Vulnerability Management
Also according to Gartner, some ways to
quantify what you do are:
• What percentage of known attacks is the organization
vulnerable to?
• When was that percentage calculated?
• What percentage of company software, people and
supplies have been reviewed for security issues?
• What percentage of downtime is the result of security
problems?
• What percentage of nodes in the network are
managed by IT?
Why implement a VM solution?
•Multiple threats across a complex IT infrastructure
•Multiple IT Managers are accountable for specific
pieces of the infrastructure, but not all
•Native tools do not provide enterprise-level,
consolidated assessment and audit
•A breach in any one area can affect the entire
infrastructure
•Organizations must comply with some mandated
standards and practices across the enterprise
•Time and efficiencies gained
Quick Quiz:
1. How many machines does it take to make a
network completely vulnerable?
Technical:
• Depth of reporting (granularity, ad-hoc VS predefined)
• Closed loop problem identification and
Remediation
• Scalability
– Agents and their associated maintenance
– parallel processing
• Lack of centralized management (combination of security,
auditing and management tools bundled into product)
Other benefits
Business reasons:
• 30-70% reduction in business losses due to downtime
• 20-70% reduction in lost opportunity costs
• 20-50% reduction in mediation, recovery time and
associated costs
• 10-30% reduction in lost productivity of non-IT
personnel
• 1-2% legal exposure and costs
• 10-30% deployment and maintenance
Testimonials
Slapper
Witty
Sonic
Spida
Melissa
Code Red
Deploy to end-user
w/ software deployment
Patches for OS Platforms
Corporate windowsupdate.com
Does not evaluate “back office” applications
such as Exchange or IIS
No reporting, only basic log analysis
No distributed agents or distribution points
Microsoft Systems Management Server