Presentation is loading. Please wait.

Presentation is loading. Please wait.

Congratulations – you survived the keynote with Stan & Ollie.

Published byMartin Lindsey Modified over 9 years ago

Similar presentations

Presentation on theme: "Congratulations – you survived the keynote with Stan & Ollie."— Presentation transcript:

1 Congratulations – you survived the keynote with Stan & Ollie

2 10 min is all it takes - Managing Microsoft & 3rd party updates with SC 2012 Configuration Manager Kent Agerlund

3 Who am I  Kent Agerlund  Chief System Management Architect  Coretech A/S, Denmark  Microsoft MVP: Enterprise Client Management  Microsoft Certified Trainer, MCITP Enterprise Admin I love questions – but DON’T ask me about hockey and the world cup

4 Agenda  Patch Tuesday  Let’s spend 5 min together  Why worry about 3rd party updates  What are your options  SCUP 2011 (System Center Updates Publisher)  Solarwinds  Secunia

5 So….What is patch management? Patch Deployment Patch Creation Vulnerability Scanning Vulnerability Intelligence

6 Plan for Software Updates  Define you Update process  Pilot environments  Servers with automatic restart  Servers with manual requirements  Logically grouped servers  Workstations in production  Excluded devices  Define you SLA’s  When is your Boss a “Happy Camper”  Can you track compliance  Collection design  Maintenance Windows  CD+IT+RT=MW

7 Workstation restarts  Automatic restart?  No restart = No compliance = No  Make sure you have a restart plan  Create custom report Last Computer Restart

8 Give me 5 minutes DEMO Wake up it’s, Patch Tuesday or early Wednesday

9 Microsoft Programs 14% Third Party Programs 86% Why worry about 3rd party Busine ss View Criminal s View What criminals attack Business critical programs Programs you know about Programs you don’t know about What do you patch today Vendors

10 The numbers speaks for themselves – TOP 50 apps Cybercriminals know: patch available ≠ patch installed 10 Vulnerabilities in 2012 TOP 50 Apps 1137 421 in 2009 229 in 2007

11 Patching N of 200 programs 80% risk reduction achieved by either patching the 12 most critical programs, or by patching the 37 most prevalent programs 1237 Strategy 2: By Criticality Risk remediated by patching the N most critical programs Strategy 1: Static Risk remediated by patching the N most prevalent programs Where to begin

12 Are we doomed?

13 SCUP 2011

14  What is SCUP  Authoring tool  Publishing tool  3rd Party Updates with SCUP  Same experience for all updates in ConfigMgr  Supports EXE, MSI and MSP based updates  MSU workaround : http://blogs.technet.com/b/dominikheinz/archive/2011/10/17/deploying- custom-msu-updates-with-sccm-and-scup.aspx http://blogs.technet.com/b/dominikheinz/archive/2011/10/17/deploying- custom-msu-updates-with-sccm-and-scup.aspx

15 SCUP Process Flow Author custom SCUP catalog WSUS Server Catalogs downloaded from web ConfigMgr ServerSCUP Console Publish UpdatesSync Updates ConfigMgr Clients Scan Updates Deploy Updates Author Updates Import Updates

16 The signing certificate  Used by SCUP to sign updates  Trusted Publishers  Trusted Root  Configure WSUS GPO  Allow self signed certificates  Create the self-signed certificate with SCUP  External certificate - http://blogs.msdn.com/b/steverac/archive/2011/09/18/using- system-center-update-publisher-2007-with-verisign-certificates.aspx http://blogs.msdn.com/b/steverac/archive/2011/09/18/using- system-center-update-publisher-2007-with-verisign-certificates.aspx  KB2720211 & KB2661254

17 Available Catalogs  Free catalogs  Adobe  Reader and Flash  Dell  Client and Server updates  Hewlett-Packard  Client and Server updates  Fujitsu  ConfigMgr Cumulative updates  $$ catalogs  SCUPdates from Shavlik, VMWARE no wait today it’s LANDESK  PatchMyPC PatchMyPC

18 SCUP DEMO Patch ConfigMgr clients…..the easy way

19 Secunia

20  Products  CSI – Corporate edition  SSB – Small Business edition  PSI – Consumer and free  Cloud Based solution  Database contains vulnerabilities in software products since 2003  40k+ programs, applications and plug-ins from thousands of software vendors  Automated patch repackaging  Fully integrated with 2012

21 Secunia Infrastructure  Installation  Database Cloud VS Standalone  Administrator Console  Integration with Configuration Manager  Scanning  Agent  Agentless  Network  Requirements  WSUS Signing Certificate  WSUS GPO

22 Vulnerability Scanning  Process  Collect metadata from *.exe, *.dll and *.ocx  Match against raw metadata against Secunia File Signatures  Compare software against Advisory & Vulnerability Database  Metadata gathering  Locally installed agent  Agent running from a ConfigMgr package  ConfigMgr Software Inventory  Network scan  How Often  Configurable  Support for “Road Warriors”

23 Reporting  Integrated with Configuration Manager  Custom Dashboard  Custom reports  E-Mail subscriptions

24 Deploying patches  Custom created Secunia packages  Silent installations  Can detect running applications like JAVA  Script support  PowerShell  VB  Java  Updates are injected into WSUS

25 Secunia DEMO 3 rd party patching

26 UTVÄRDERING  Fyll i utvärderingen så att vi kan bli ännu bättre till nästa gång!  Antigen via länken du fick med din biljett eller vid någon av datorerna i TrueSec:s monter  Tävla samtidigt om en HP Elitepad 900 (Vinnaren presenteras i Utställarfoajén direkt efter sista sessionen). KVÄLLSMINGEL  Best of MMS avslutas med ett gigantiskt mingel på närliggande Dubliner direkt efter dagens sista session!  Microsoft och LabCenter bjuder på god öl och ett unikt tillfälle för experter, branschkollegor och eventdeltagare att mingla tillsammans.  Vi ses väl där?

Download ppt "Congratulations – you survived the keynote with Stan & Ollie."

Similar presentations

Patch Management Patch Management in a Windows based environment

Patch Management Patch Management in a Windows based environment
Networking Fabric in Hyper-V and VMM Richard Ulfvin.

Networking Fabric in Hyper-V and VMM Richard Ulfvin.
You’ve Got a Cloud- Familiar Tools to Manage IT Bob Hunt Sr. IT Pro Evangelist

You’ve Got a Cloud- Familiar Tools to Manage IT Bob Hunt Sr. IT Pro Evangelist
ISV Partner Alliance Value Policy Policy Management for Microsoft® System Center.

ISV Partner Alliance Value Policy Policy Management for Microsoft® System Center.
Windows 8: Windows To Go Overview Zvezdan PavkovicTanya Koval Senior ConsultantArchitect WCL333.

Windows 8: Windows To Go Overview Zvezdan PavkovicTanya Koval Senior ConsultantArchitect WCL333.
Shavlik Patch for Microsoft System Center

Shavlik Patch for Microsoft System Center
Mark O’Shea Partner Technology Advisor – SMB Microsoft Australia.

Mark O’Shea Partner Technology Advisor – SMB Microsoft Australia.
WCL209. GA3/23GA3/23 Manage & Secure PCs Anywhere All you need is an internet connection The Best Windows Experience Standardize your OS on the latest.

WCL209. GA3/23GA3/23 Manage & Secure PCs Anywhere All you need is an internet connection The Best Windows Experience Standardize your OS on the latest.
Deep Application Management with Microsoft System Center 2012 Configuration Manager Adwait Joshi Senior Product Marketing Manager Microsoft Corporation.

Deep Application Management with Microsoft System Center 2012 Configuration Manager Adwait Joshi Senior Product Marketing Manager Microsoft Corporation.
A Tour of System Center Configuration Manager Adam Duffy Edina Public Schools.

A Tour of System Center Configuration Manager Adam Duffy Edina Public Schools.
How To Keep Up With Security Patches Eric Schultze Security Strategies Microsoft.

How To Keep Up With Security Patches Eric Schultze Security Strategies Microsoft.
Monitor Linux OS health & performance Monitor log files Monitor JEE app servers Monitor line-of-business applications Monitor databases and web.

Monitor Linux OS health & performance Monitor log files Monitor JEE app servers Monitor line-of-business applications Monitor databases and web.
OSP219. Experience Office as it was meant to be… without the complexity of setting up servers.

OSP219. Experience Office as it was meant to be… without the complexity of setting up servers.
IT:Network:Microsoft Applications

IT:Network:Microsoft Applications
Patch Deployment Patch Creation Vulnerability Scanning Vulnerability Intelligence.

Patch Deployment Patch Creation Vulnerability Scanning Vulnerability Intelligence.
TechNet Build’06 “The Secure Well Managed Infrastructure Tour”

TechNet Build’06 “The Secure Well Managed Infrastructure Tour”
Module 16: Software Maintenance Using Windows Server Update Services.

Module 16: Software Maintenance Using Windows Server Update Services.
SYSTEM CENTER: ENDPOINT PROTECTION FUNDAMENTALS Howard A. Carter III Senior Consultant Microsoft Consulting Services September 21, 2013 TechGate 2013 –

SYSTEM CENTER: ENDPOINT PROTECTION FUNDAMENTALS Howard A. Carter III Senior Consultant Microsoft Consulting Services September 21, 2013 TechGate 2013 –
Sr. Manager Global Business Solutions Carlos Capó Master Macs in Business Easily integrate Macs into a Microsoft Shop.

Sr. Manager Global Business Solutions Carlos Capó Master Macs in Business Easily integrate Macs into a Microsoft Shop.
WCA-B324 Get Up!!! YAAAWWWN! App-V 5.0 Get Ready for… Are You Ready?

WCA-B324 Get Up!!! YAAAWWWN! App-V 5.0 Get Ready for… Are You Ready?

Similar presentations

Ads by Google