Today’s IT departments are busy, spending the majority of their time fixing virus-infected user desktops and reactively fighting malware attacks, rather than proactively securing the organization’s network and preventing security vulnerabilities from being exploited.
The proliferation of Web 2.0 and social networking created new avenues to introduce malware into the workplace. In fact, Google has found well over 3 million malware-infected websites on the public internet. With software companies shortening software and OS lifecycle and releasing software prematurely, the number of bugs and design flaws is growing exponentially – on average, 19 new vulnerabilities are released per day¹. Exploits are getting more sophisticated - with the Conficker worm as a recent example of an exploit that has evolved over many months and continues to wreak havoc on networks that have not been updated with the latest Microsoft patches.
IT administrators can’t possibly stay updated on and implement the flood of software vulnerability patches consistently released by all the software vendors they use. A solution is needed that allows effective vulnerability patch management that can be automated for heterogeneous environments and alerts busy IT administrators to issues proactively so they can address them immediately.
|
Lumension Patch and Remediation provides rapid, accurate and secure patch management, allowing you to proactively manage threats in the most complex environments by automating the collection, analysis and delivery of patches throughout your enterprise. As an essential part of Lumension Vulnerability Management™, Lumension Patch and Remediation significantly decreases the costs involved in securing your organization from worms, Trojans, viruses and other malicious threats and allows you to:
- Inventory and manage both physical and virtual machines.
- Reduce corporate risk and optimize IT operations through the timely, proactive elimination of operating system and application vulnerabilities across all systems and servers, including Windows, Unix, Linux and Apple Mac OS.
- Decrease IT costs and improve productivity with a highly automated, subscription-based patch management solution.
- Seamlessly manage and report on Lumension and third party licensed content and prerequisite patches – all from one consolidated console.
- Manage system desktop configuration tasks, such as automating disk defragmentation and disk cleanup tasks, and enforcing policies for account, device control, domain, network, and system policy security settings.
- Improve your security posture through integration with Network Access Control (NAC) solutions to remediate ‘non-compliant’ machines to a compliant state before gaining access to the network
- Demonstrate compliance with security policies and government regulations through continuous patch monitoring and comprehensive reporting.
How it Works
- A comprehensive agent-based scan proactively assesses application, operating system and operational vulnerabilities on corporate endpoints.
- Remediation policies are defined and patches are rapidly deployed using the intelligent patch deployment wizard. Automated deployments are scheduled based upon patch criticalities and defined security policies and can be deployed individually or in phases.
- Lumension’s patented Digital Fingerprinting™ Technology creates a patch fingerprint profile that includes all software, hardware, drivers, and existing and missing patches for each machine. Patch drift is eliminated by ensuring that endpoints get patched and stay patched enabling you to show validation of policy compliance and enforcement.
- A graphical “dash board” and over 20 standard reports document vulnerabilities, patch deployments, patch status, trends and inventory, assisting you to address operational, management and compliance reporting.
Benefits
Consolidates Visibility and Lower TCO
- Single agent collects security and configuration information to provide consolidated visibility and lower TCO.
Provides a Consolidated, Single Tool To Meet All Your Patching Needs
- Single tool has extensibility to meet needs of customers as well as flexibility to easily accommodate new software and initiatives as they arise.
- Manage and report on Lumension and third party licensed content and prerequisite patches automatically without complex or manual credentials management.
Provides Comprehensive On- and Offline Protection
- Protects laptops, servers, and desktops that are often disconnected from the network and reduces network bandwidth usage.
Saves Time and Cost
- Through the integration with Active Directory there is no need to recreate the logical organization of systems, thereby saving time and delivering lower TCO
Enhances Security Posture and Lowers TCO
- Broad vulnerability assessment and remediation database optimizes IT operations and provides better security posture and lower TCO.
Saves IT Operations Time and Effort
- Ensure maximum coverage and protection, with minimal time and effort required by IT operations.
- Eliminate the cost of manually monitoring, acquiring and staging patches for multiple platforms and applications throughout the enterprise.
Improves Security
- Improve security through the timely response to issues.
Improves Productivity
- Improve administrative productivity through proactive, automated alerts.
- Significantly improve productivity while maintaining security.
Provides Comprehensive Visibility
- Provides insight into the security status of the organization.
Ensures Audit Readiness
- Rapidly respond to internal or regulatory compliance requirements.
Ensures No Downtime or Disruptions
- Minimize business disruptions and thus improve the productivity of the organization.
Increases Deployment Accuracy and IT Efficiency
- Employ an organized approach via custom groups allowing you to increase deployment accuracy and IT efficiency.
Improves Policy Management
- Facilitates the deployment of group-specific patches according to your corporate policy
Adapts to Your Growing Business
- Leverages your current network infrastructure in order to lower TCO from day one of implementation through the life of the subscription.
- Adapts to various organizational setups, so you can always integrate the scanner into new business structures.
- Ensures inventory and management of both physical and virtual environments from one consolidated console.
Improves Your Security Posture
- Assures that only compliant endpoints can gain access to the network and automatically remediates any non-compliant machines into an authorized state so network access can be granted.
Provides Visibility Into Real-Time Patch Status & Overall Security Posture
- Provide an informative snap shot of current patch status in order to report to executive management
Reduces IT Costs
- Multiple vulnerabilities are simultaneously eliminated while minimizing IT costs
Provides a Consolidated, Single Tool To Meet All Your Patching Needs
- Corporate patch policies are enforced regardless of endpoint platform
- Software-defect vulnerabilities are eliminated per policy on all platforms
Enforces Compliance In Your Organization
- Set specific policy and enforcement for each group in the enterprise.
- Provide maximum policy flexibility with automated enforcement, saving both time and effort by IT staff.
Enhances Your Security Posture
- Stay patched and updated automatically
- Ensure no unauthorized packages enter your network.
Download Lumension Patch and Remediation Datasheet
|