The US Federal Government levied a substantial fine on a leading US Bank because they were not satisfied with the Bank’s patch process and reporting. The Bank uses several, disparate, patching tools including Microsoft SCCM and Tanium; regulators insisted the Bank have a unified reporting solution to confirm operating systems and business applications were fully patched and compliant. As a result, BigFix was successfully implemented to:
- Identify available patches
- Identify endpoints that are noncompliant and in need of patching.
Additionally, the Bank contracted with HCL to monitor over 150 third-party applications and to build BigFix Fixlets™ as patches or updates are released for those applications.
This issue illustrates an area that is consistently overlooked and not discussed: validation. What does validation mean? One definition is “the action of checking or proving the validity or accuracy of something.” In terms of systems management, validation is the act of verifying that actions were taken and performed as expected.
As is evident with the increasing frequency of data breach announcements, timely and accurate patch management grows ever more critical. However, there needs to be an equally critical discussion about the importance of patch validation.
Do you know how your current patch solution validates that a patch was properly installed? Does it check an exit code from the Windows Update Agent, or does it just scan the registry to see if the patch Knowledge Base (KB) number is listed? What happens if the patch KB is listed as installed; but not properly deployed and installed? When this happens, a false sense of security results and security risk increases dramatically.
BigFix Patch Deployment
BigFix Patch does not rely on other tools to validate that patches are properly installed. In fact, BigFix Patch does not rely on any other software to deploy patches.
Let’s walk through a scenario when Microsoft releases a patch: the BigFix Team generates a Fixlet™ which contains both the necessary content to deploy the patch as well as the steps required to validate that the patch is successfully installed. This content is published to the BigFix Content Servers. The local BigFix server automatically pulls the content down from the BigFix Content Servers and notifies BigFix clients that there is new content. This allows clients to quickly evaluate the Fixlet™, only reporting back to the local BigFix Server if the patch is relevant and needed.
The BigFix operator only sees which systems need the patch and has the option to manually deploy the patch or to create an automatic Patch Policy to automate and speed deployment. Once targeted, the BigFix client will check to make the sure the patch is still needed, and if still relevant, will download and install the patch.
BigFix Patch Validation
BigFix patch validation is a key differentiator. Once the patch has been deployed, the validation process is initiated. BigFix leverages the same check, or multiple checks, that determined the patch was relevant, and in doing so, verifies the patch was properly deployed and installed. As an example, if a check determined that a dynamic link library (DLL) file at version 1.1 needed to be patched, the validation process uses the same check to make sure the patched DLL file is no longer at version 1.1. Because patch validation checks are part of the Fixlet itself, manually created validation checks are unnecessary thus avoiding inadvertent errors.
Patch deployment is important, but validating that patches are deployed properly is critical to improving security posture across the enterprise. Several tools on the market lack the ability to accurately and consistently report patch status and compliance. BigFix is highly valued in this regard because of how BigFix works, its reliable and scalable architecture, and its multiplatform support of Windows, Linux, UNIX and macOS environments. Patch validation definitively reports on patch status and compliance which is why the large US Bank invested in BigFix to satisfy government regulators and avoid fines. It also illustrates why organizations implement BigFix to add value to, or extend the functionality of, other patching tools they currently have deployed.
Author: Dennis Jensen. Editor: Dan Imbach.
For more information
BigFix Patch is included in the BigFix Lifecycle and BigFix Compliance product offerings. Visit www.BigFix.com and schedule a demo or download trial software.
I went over this web site and I conceive you have a lot of good info , saved to fav (:.
Thank you for the good writeup. It in truth used to be a amusement account it. Glance complicated to more delivered agreeable from you! By the way, how could we keep up a correspondence?
Oh my goodness! an amazing article dude. Thanks Nonetheless I am experiencing difficulty with ur rss . Don’t know why Unable to subscribe to it. Is there anybody getting identical rss problem? Anybody who knows kindly respond. Thnkx
I am glad to be a visitor of this sodding blog! , regards for this rare information! .
I like this web site its a master peace ! Glad I detected this on google .
I¦ve been exploring for a bit for any high quality articles or weblog posts on this sort of area . Exploring in Yahoo I ultimately stumbled upon this website. Studying this info So i am happy to convey that I’ve an incredibly excellent uncanny feeling I came upon exactly what I needed. I such a lot indisputably will make certain to do not fail to remember this web site and give it a look regularly.
Thank you for any other informative site. The place else could I am getting that kind of info written in such an ideal way? I’ve a mission that I am simply now running on, and I have been at the glance out for such info.
Perfect piece of work you have done, this internet site is really cool with fantastic info .
It is appropriate time to make some plans for the future and it is time to be happy. I’ve read this post and if I could I desire to suggest you some interesting things or tips. Perhaps you could write next articles referring to this article. I wish to read more things about it!
It’s actually a great and helpful piece of information. I’m happy that you shared this helpful info with us. Please keep us informed like this. Thank you for sharing.
This site is my breathing in, really great layout and perfect articles.
I have joined your feed and look forward to seeking more of your wonderful post. Also, I have shared your web site in my social networks!