Home
 
Compliance Assurance Virtualization Compliance PCI DSS Configuration Audit Change Management Configuration Intelligence Security Operational Efficiency Green IT Patch Management Audit ITIL
 

Customer Quote

"Using ECM, "everything from finding patches to testing to deployment to verification has now become manageable. We rely heavily on Microsoft, so the fact that Configuresoft works well with Microsoft was very important to us."

- Angela Triola
Infrastructure Analyst

ENT
 
  
Share this information

Patch Management

 
Case Study Case Study:
Dollar Thrifty Automotive Group
Datasheet Datasheet:
Security Update Manager (SUM)
 

Good business practice demands continuous compliance. Good patch management sustains operational efficiency, shores up security vulnerabilities, and maintains the stability of your production environment. Most software products that can patch an enterprise must first scan the network before a vulnerability assessment is performed. This action is time-consuming and machines that are not currently connected to the network are missed. The result is a less than accurate picture of your enterprise which is a continuous risk.

ECM and Patch Assurance

ECM consistently and proactively installs patches to eliminate areas of potential weakness. Leveraging ECM's extensive Configuration Management Database (CMDB) to perform the vulnerability assessment, patches are installed at an enterprise level rather than machine-by-machine. ECM automatically discovers new systems and tracks configuration changes at scheduled intervals to ensure the latest patch information is available.

ECM is quite simply the most scalable and effective patch assurance solution available, utilizing the ECM CMDB to quickly and efficiently analyze all of the machines in your environment.

Because ECM can automatically group machines by function or role (SQL, IIS, workstation, application, OS type etc.), ECM can help the administrator test the patches across varying configurations. Available for Windows, UNIX and Linux systems, ECM is the essential tool for continuous patch delivery and verification across heterogeneous enterprises.

ECM continuously updates the patch status of all machines across the enterprise, and maintaining an audit history of patch deployment.

To ensure ongoing patch compliance, ECM can be easily configured to raise an alert or take an automated action if a new machine is discovered, that is non-compliant or if an existing machine falls out of compliance.

Four Phases of Patch Management:

  • Assessment - determining which machines are impacted by the vulnerability and require the patch.
  • Testing - installing patches on various "representative samples" of configuration constellations for various machine types.
  • Deployment - the actual delivery and installation of patches to machines.
  • Auditing - ensures proper delivery of patches to the targeted machines.

Today's organizations must have a solid enterprise-level patch management tool.

Learn More Learn how ECM can assist with all four aspects of patch management.