Raven Services Update December 2003 David Wallis Senior Systems Consultant Raven Computers Ltd

Agenda Windows Patch Management –What are patches and why do we need them? –Windows Update –Software Update Services (SUS) –Raven Update Service Raven Backup Validation Service Disaster Recovery/Business Continuity Planning

What are Patches Also known as Hotfixes Modifications to the original program code, normally to fix a problem or vulnerability Quick Fix Engineering – QFE Not normally tested as thoroughly as normal software –May introduce new problems

Worms and Vulnerabilities Windows 2000 contains over 30 Million lines of code – Mistakes are inevitable Bugs may be discovered and exploited –Buffer Overflows Worms –Programs are written to automate the exploitation of the bug –Like Virus’s but may not require you to open them –Can spread very quickly, causing havoc –Blaster, Nimda, SOBig

Types of patch Critical Security fixes –Created in direct response to a newly discovered threat –Must be applied quickly to protect against worms written to exploit the vulnerability –Time to release is very short, so testing is “Rapid” –Should almost always be applied if they are relevant to your setup

Types of patch Non-Critical Updates –Created to fix specific bugs or to enhance functionality –Should only be applied if the particular problem affects your computer –Can be more thoroughly tested before release

Types of patch Service Packs –Combination of several hotfixes and updates –Thoroughly tested in a wide range of environments before release –Form a new baseline for the product against which future software will be tested –Should be applied when deemed stable

Windows Update Built into Windows 98, Me, 2000 and XP Visit web page to determine what patches should be applied Tries to only propose relevant patches Must be run manually from each computer Linked from start menu –

Automatic Update Agent Introduced with Windows XP SP1 and Win2k SP4 Available as a download for Win2k SP3 Automates download of critical security patches Can automatically apply and restart computer Can wait for approval before applying Each computer operates separately and fetches its own updates

Software Update Services - SUS Your own Windows Update server Runs on a server on your site Integrates into IIS Administrator approves and downloads patches Client agent on PCs installs approved updates from SUS server Can be managed through Group Policy

Microsoft Software Update Services (SUS)

SUS Client Agent Built into Windows XP SP1 and Win2k SP4 Can be managed and deployed through Active Directory Group Policy Machines can be told to install patches at specified times Machines can be told to reboot at specified times if they are left on

SUS Requirements Runs on Windows 2000 SP3 or later, or Windows 2003 Server running IIS Client PCs must run Windows 2000 SP3 or later, or Windows XP –Windows 9x not supported Installs IISLockdown, so may interfere with some Intranets Administrator must manually approve each update Typical Installation time around ½ day. May vary on some sites

SUS Capabilities SUS can apply all Windows critical security updates and can now deploy service packs to Windows 2000 and Windows XP Next version (due Q2 2004) will allow security patches for Office, Exchange Server and SQL Server to be automatically deployed too

Raven Update Services

Subscription service - £600 per annum –Requires SUS server to be installed Raven Engineers approve updates after testing on a representative sample of platforms Local SUS server pulls only approved “Safe” updates from Raven Update Server Requires no local administration “Hands Free” update of client PCs

Raven Backup Validation Service Is your Backup adequate? Backup is essential, and is YOUR responsibility Have your requirements changed since it was installed? Are you backing up everything you need? Could you recover in the event of a disaster?

Possible backup failings Tape drive needs cleaning Tape is unreadable on another unit Backup job has been interfered with Job may be on hold Critical files may be in use Requirements may have changed Nobody checking that job has run

Raven Backup Validation Service Subsidised fee of £500* for basic server, Raven Consultants will: –Examine your backup strategy –Document your backup procedure in a simple, easy to follow guide –Take a sample tape away and confirm that it contains everything you need –Perform a sample test restore to ensure that data on tape is readable *Based on a single server running supported backup software and DAT or DLT tape unit Prices for more complicated systems on request

Disaster Recovery Planning Business Continuity plan increasingly required by auditors Plan for swift return of IT services in the event of: –Burglary –Fire/Destruction –Critical Failure

Trial Recovery By arrangement, Raven Consultants can: –Perform a complete recovery of your system to a similar hardware platform –Provide a report as to estimated time to get operational –Advise on potential weaknesses and problem areas –Advise on streamlining the recovery process –Document the recovery process in a step by step guide

Conclusions Patch Management of servers and client PCs is essential –SUS can automate this, but requires an administrator –Raven Update Services fills the role of the Administrator for customers without a substantial IT department Be confident in your Backups –Ensure you have adequate backups –Ensure you know how to recover from them if you need to –Utilise Raven services to gain peace of mind

Any Questions? David Wallis Senior Systems Consultant Raven Computers Ltd