Presentation is loading. Please wait.

Presentation is loading. Please wait.

Shavlik Patch for Microsoft System Center

Published bySimon Adams Modified over 9 years ago

Similar presentations

Presentation on theme: "Shavlik Patch for Microsoft System Center"— Presentation transcript:

1 Shavlik Patch for Microsoft System Center

2 Agenda 1 2 3 4 Patching, Not a Solved Problem
Get More From Microsoft System Center 3 Introducing Shavlik Patch for Microsoft System Center 4 Demonstration of Shavlik Patch

3 Every Day IT Challenges
You have less budget and the need to support more applications I currently use SCCM to patch systems, but unsure how to patch third-party applications I currently do not have a definable patching strategy Patching my systems is taking way to much time and I need my staff focused on initiatives that drive business Security hacks, vulnerabilities, and missing patches cause downtime, data loss and unemployment

4 75% of attacks use publicly known vulnerabilities in commercial software that could be prevented by regular patching. CSIS

5 Although  patching has been “a solved problem” for many years, even decades, a lot of organizations struggle with it today – and struggle mightily.   …in the darkest woods of IT, patching 3rd party application on a desktop remains a significant challenge for many organizations. Patch Management – NOT A Solved Problem! Anton Chuvakin - Gartner

6 Vulnerability Attack Vector
4% 10% 86% Application 86% of reported vulnerabilities come from third party applications - National Vulnerability Database Operating System Hardware Vulnerability distribution by product type National Vulnerability Database (NVD)

7 Vulnerability Attack Vector
Mozilla Firefox Google Chrome Apple Safari Adobe Flash Player Apple iTunes Adobe Air Oracle Java Microsoft Internet Explorer Adobe Shockwave Player Adobe Reader Application # of vulnerabilities # of HIGH # of MEDIUM # of LOW 2012 2011 159 125 85 66 102 54 58 41 27 25 97 275 45 63 78 37 38 65 99 68 61 51 32 34 162 28 57 26 23 31 55 20 5 3 7 30 113 16 6 1 10 14 11 2 4 National Vulnerability Database (NVD)

8 Current Percentage of Vulnerabilities
2,000 1,800 1,600 1,400 1,000 800 1,200 600 400 200 2H10 1H11 2H11 1H12 2H12 1H13 Industry wide vulnerability disclosures More applications are attacked by malicious s software than the OS. Percentage-wise Web-browsers still represent the largest threat. Application vulnerabilities Operating system vulnerabilities Browser vulnerabilities Web browsers represent a small number percentage-wise of applications. The fact that they are split out on this chart represents that browsers are still a significant threat. These can be Safari, Chrome, Firefox, Opera, Internet Explore, etc.

9 What does your patching process look like today?
1 Do you use System Center Configuration Manager (SCCM) to patch software? 2 What about third-party application updates? 3

10 Microsoft System Center Patch Coverage
What about these applications? Microsoft System Center Patch Coverage

11 SCCM Third-Party Application Patching
System Center Update Publisher Only need to install once Install SCUP Check for update availability Visit each vendor website for patch information Some updates could potentially take up to days to research Get Update Information Input patch data Point to vendor website Define Update information with SCUP Import patch information one patch at a time Import data into SCCM Sync SCCM with WSUS Force the Sync with WSUS to distribute the patch Send to Test group first Repeat process for next patch Multiply process (above) by number of vendors Multiply by number of software titles Multiply by number of supported versions Multiply by number of update releases Time Consuming At least one FTE – no one wants the title “Patch Manager” Testing process of test-fix-break-fix-repeat takes many hours Expensive Missed or neglected updates Untested patches may break critical or large numbers of systems Discovery-to-deployment time potentially days, months, years Dangerous Microsoft System Center Patching Hazards Strive to automate the execution. The actual execution of changes is still amazingly manual! It is time to move away from the methods of the 20th century. Too many of these actions are the intellectual equivalent of grunt work. The talents and expense of your people should not be wasted on grunt work! Fortunately, certain tasks are now automated mainly because the manual option is so ridiculously unreasonable. Examples include virtual server provisioning and patch distribution. These can only be performed automatically. The options to automate task execution are rich across nearly all aspects of technology operations. Employ them wherever possible. – Forrester One update for iTunes took Shavlik developers 3 days to research. Shavlik does the work. Most enterprises simply DON’T DO IT!

12 Introducing Shavlik Patch for Microsoft System Center

13 University of Pittsburgh
ORGANIZATION Financial Information Systems (FIS) supports 800 employees 800 PCs 200 Servers Supports payroll, purchasing, general accounting, housing, food services, parking, and transportation Manages all software updates via Microsoft SCCM PROBLEM Team had to manually detected, built, and tested patches before deploying with SCCM “For just three to five applications, we could easily log up to 10 hours a week” SOLUTION Shavlik Patch for Microsoft System Center “Updating all applications takes about an hour each week—no matter how many applications need patching—instead of being nearly a full-time job.” – Rick McIver

14 Shavlik Patch for Microsoft System Center
Manage third-party updates within SCCM Leverages same workflow within SCCM for both OS and application updates Automates process of defining, loading, and syncing patch information Keeps the SCCM admin in SCCM Leverage Shavlik’s “best in class” catalog of patch data Includes deployment and detections logic; Shavlik tested Covers today’s most attacked applications Light-weight software/architecture Easy plug-in for the SCCM console Leverages the scalability of SCCM

15 Get Value from Shavlik Patch
Increase security to reduce downtime Close the application patching gap Patch hundreds of vulnerable applications No need for end-user intervention Reduce application security risks Expand Microsoft System Center Configuration Manager (SCCM) to include application patching Easy integration into the SCCM console Leverage existing SCCM workflows Decrease vulnerability to patch windows Maximize your Microsoft System Center investment Accelerate patching from months to minutes Patch with confidence Reduce number of steps creating updates No additional consulting required Significantly reduce IT effort and cost

16 Shavlik Patch Patching Process
Sync Patch Data from Shavlik Cloud 1 Select Patches from SCCM Plugin 2 Use SCCM to Sync WSUS 3 SCCM WSUS Leverage Existing SCCM Workflows and Infrastructure 4 WORKSTATIONS/SERVERS

17 SCCM Plug-in Fully integrated into the SCCM UI
Choose which updates to publish See info about available updates Filter the list Group by vendor to see “tree” view

18 Features Allow third-party updates to be published automatically
Choose how often and when updates are published to WSUS Filter down to just the vendors or products you care about Optional ability to “set and forget”

19 Certificate Handling Identifies WSUS server used to distribute patches
Setup certificates or trusts to deploy third-party updates

20 One Product…Two Configurations
If SCCM 2012 SCCM add-in; let’s admin do all his/her work in SCCM UI Removes need for SCUP Automates download of the *.cab files Automates publishing of updates Robust packaging – Java, Apple If SCCM 2007 Catalog of Shavik’s best-in-class patch information Automates creation of custom patches within SCUP Reduces testing and deployment time Leverages SCUP’s workflow to publish patches to WSUS

21 Shavlik Patch for SCCM 2007 – Simple To Use, Easy As 1-2-3
Customer Downloads Update Catalog Of Data 2 Import Shavlik Catalog Into SCUP | Sync To Configured Update Servers 3 Use your existing SCCM workflows to Detect & Patch MS and 3rd Party Apps

22 Applications Covered by Shavlik Patch
Adobe Acrobat Adobe Flash Adobe Reader Adobe Shockwave Apple iTunes Apple QuickTime Apple Safari Apple Application Support Citrix Presentation Citrix ZenApp Java JRE Microsoft Access 2000 Microsoft Excel 2000 ISA Server 2000 Microsoft Office 2000 Microsoft Outlook 2000 Microsoft PowerPoint 2000 Microsoft Publisher 2000 Microsoft Visual Studio .NET Microsoft Visual Studio .NET 2003 Visual FoxPro Microsoft Word 2000 Mozilla Firefox Mozilla SeaMonkey Mozilla Thunderbird Opera Real Networks Real Player and many more…

23 Demo

24 Shavlik Patch Review 1 Complete SCCM add-on for third party patch 2 Supports hundreds of commonly vulnerable applications 3 Leverage SCCM workflows and platform for efficiency and scalability 4 Decrease vulnerability-to-patch window 5 Patch with Confidence

25 Thank You

Download ppt "Shavlik Patch for Microsoft System Center"

Similar presentations

Flex in the Salesforce Cloud Markus Spohn Director of Product Management.

Flex in the Salesforce Cloud Markus Spohn Director of Product Management.
Slide Heading Seminar Series: Managing IT Risk In 2010 Understanding End User Attack Vectors Brian Judd, CISSP SynerComm January 20, 2009.

Slide Heading Seminar Series: Managing IT Risk In 2010 Understanding End User Attack Vectors Brian Judd, CISSP SynerComm January 20, 2009.
Saving Money by Recycling Existing Computers with LTSP Peter Billson Linux Terminal Server Project (LTSP.org) Linux User Group in Princeton LUG/IP July.

Saving Money by Recycling Existing Computers with LTSP Peter Billson Linux Terminal Server Project (LTSP.org) Linux User Group in Princeton LUG/IP July.
WebFOCUS Active Technologies: Continuing Innovation

WebFOCUS Active Technologies: Continuing Innovation
© 2015 Dbvisit Software Limited | dbvisit.com An Introduction to Dbvisit Standby.

© 2015 Dbvisit Software Limited | dbvisit.com An Introduction to Dbvisit Standby.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
MyCloudIT Removes the Complexity of Moving Cloud Customers’ Entire IT Infrastructures to Microsoft Azure – Including the Desktop MICROSOFT AZURE ISV: MYCLOUDIT.

MyCloudIT Removes the Complexity of Moving Cloud Customers’ Entire IT Infrastructures to Microsoft Azure – Including the Desktop MICROSOFT AZURE ISV: MYCLOUDIT.
Patching MIT SUS Services IS&T Network Infrastructure Services Team.

Patching MIT SUS Services IS&T Network Infrastructure Services Team.
Introducing Quick Heal Endpoint Security 5.3. “Quick Heal Endpoint Security 5.3 is designed to provide simple, intuitive centralized management and control.

Introducing Quick Heal Endpoint Security 5.3. “Quick Heal Endpoint Security 5.3 is designed to provide simple, intuitive centralized management and control.
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
What do User-Centric deployments mean for OSD NE Ohio System Center User Group February 2012 Jason Condo

What do User-Centric deployments mean for OSD NE Ohio System Center User Group February 2012 Jason Condo
IT:Network:Microsoft Applications

IT:Network:Microsoft Applications
Patch Deployment Patch Creation Vulnerability Scanning Vulnerability Intelligence.

Patch Deployment Patch Creation Vulnerability Scanning Vulnerability Intelligence.
Built on the Powerful Microsoft Azure Platform, Nimble Schedule Streamlines and Automates Scheduling with Cloud-Based Mobile Services MICROSOFT AZURE ISV.

Built on the Powerful Microsoft Azure Platform, Nimble Schedule Streamlines and Automates Scheduling with Cloud-Based Mobile Services MICROSOFT AZURE ISV.
Established in 1999 Headquartered in Boulder, CO Citrix Service Provider Primary Data Center in Denver, CO Secondary DC geographically positioned MSFT.

Established in 1999 Headquartered in Boulder, CO Citrix Service Provider Primary Data Center in Denver, CO Secondary DC geographically positioned MSFT.
Sr. Manager Global Business Solutions Carlos Capó Master Macs in Business Easily integrate Macs into a Microsoft Shop.

Sr. Manager Global Business Solutions Carlos Capó Master Macs in Business Easily integrate Macs into a Microsoft Shop.
Norman Enterprise Security Suite Increased control reduce TCO.

Norman Enterprise Security Suite Increased control reduce TCO.
Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.

Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.
Elite Networking & Consulting Presents: Everything You Wanted To Know About Data Insurance* * But Were Afraid To Ask Elite Networking & Consulting, LLC,

Elite Networking & Consulting Presents: Everything You Wanted To Know About Data Insurance* * But Were Afraid To Ask Elite Networking & Consulting, LLC,
DYNAMICS CRM AS AN xRM DEVELOPMENT PLATFORM Jim Novak Solution Architect Celedon Partners, LLC

DYNAMICS CRM AS AN xRM DEVELOPMENT PLATFORM Jim Novak Solution Architect Celedon Partners, LLC

Similar presentations

Ads by Google