top 10 ways to speed up patching

Upload: bsasciti

Post on 08-Aug-2018

219 views

Category:

Documents


0 download

TRANSCRIPT

  • 8/23/2019 Top 10 Ways to Speed Up Patching

    1/16

    Top 10 Ways ToTop 10 Ways ToSpeed Up PatchingSpeed Up Patching

    AmolAmol SarwateSarwate

    rec or o u nera y a s, ua ys ncrec or o u nera y a s, ua ys nc..

    Company ConfidentialCompany Confidential

    1212thth Sep 2012Sep 2012

  • 8/23/2019 Top 10 Ways to Speed Up Patching

    2/16

    Simple and easySimple and easy

    Cost EffectiveCost Effective

    ReliableReliable

    PatchingPatching

    22

  • 8/23/2019 Top 10 Ways to Speed Up Patching

    3/16

    Australian Defense SignalAustralian Defense Signal DirectorateDirectorate

    https://community.qualys.com/docs/DOChttps://community.qualys.com/docs/DOC--27352735

    PatchingPatching prevents security incidentprevents security incident

    33

  • 8/23/2019 Top 10 Ways to Speed Up Patching

    4/16

    RSA ConferenceRSA Conference 20122012

    https://community.qualys.com/docs/DOChttps://community.qualys.com/docs/DOC--35423542

    PatchingPatching prevents security incidentprevents security incident

    44

  • 8/23/2019 Top 10 Ways to Speed Up Patching

    5/16

    Why are we so slow at Patching?Why are we so slow at Patching?

    55

  • 8/23/2019 Top 10 Ways to Speed Up Patching

    6/16

    Challenge 1Challenge 1

    Unknown AssetsUnknown Assets

    Speed up patchingSpeed up patching

    66

    ecommen at onecommen at on Asset management tools, inventory control systems or aAsset management tools, inventory control systems or a

    similar processsimilar process..

    Usually a combination of multiple approaches gives the bestUsually a combination of multiple approaches gives the best

    resultsresults..

  • 8/23/2019 Top 10 Ways to Speed Up Patching

    7/16

    ChallengeChallenge 22

    DowntimeDowntime

    RecommendationRecommendation

    Speed up patchingSpeed up patching

    77

    g y ava a e pro uc s an opera ona r c sg y ava a e pro uc s an opera ona r c s

    Solutions are different depending on the softwareSolutions are different depending on the software

    Talking with your operation folks or system administrators canTalking with your operation folks or system administrators canyield in good ideas to beginyield in good ideas to begin

    Test your solutionTest your solution Group downtimes togetherGroup downtimes together

  • 8/23/2019 Top 10 Ways to Speed Up Patching

    8/16

    ChallengeChallenge 33

    ITIT resourcesresources

    RecommendationRecommendation

    Speed up patchingSpeed up patching

    88

    a c managemen sys emsa c managemen sys ems -- exce en n one area, eexce en n one area, eWindows patches, but weak in other areas like databaseWindows patches, but weak in other areas like databasepatchespatches

    Combination of manual and automated approaches works theCombination of manual and automated approaches works thebest to cover the entire asset basebest to cover the entire asset base

    Properly managed networks and assets are easier to patchProperly managed networks and assets are easier to patch

  • 8/23/2019 Top 10 Ways to Speed Up Patching

    9/16

    Challenge 4Challenge 4

    Unreasonably long patch test cycleUnreasonably long patch test cycle

    RecommendationRecommendation

    Speed up patchingSpeed up patching

    99

    r or ze asse s an app ca e pa c esr or ze asse s an app ca e pa c es

    Keep a test setup or small test lab readyKeep a test setup or small test lab ready

    Consult with developers, testers, system administrators ofConsult with developers, testers, system administrators ofhome grownhome grown systemssystems

  • 8/23/2019 Top 10 Ways to Speed Up Patching

    10/16

    ChallengeChallenge 55

    Extreme Virtual PatchingExtreme Virtual Patching

    RecommendationRecommendation

    Speed up patchingSpeed up patching

    1010

    se v r ua pa c ng as a emporary arrangemen w e ese v r ua pa c ng as a emporary arrangemen w e epatch is being tested or software is being modified to workpatch is being tested or software is being modified to workwith the newly released patch.with the newly released patch.

    Certain areas like web applications can benefit from virtualCertain areas like web applications can benefit from virtualpatchingpatching

  • 8/23/2019 Top 10 Ways to Speed Up Patching

    11/16

    Challenge 6Challenge 6

    Conflicting BinariesConflicting BinariesPatch from Vendor A may not install successfully due to differentPatch from Vendor A may not install successfully due to different

    version of binaries installed by Vendor Bversion of binaries installed by Vendor B

    Speed up patchingSpeed up patching

    1111

    RecommendationRecommendation

    Dedicated servers for discrete business function to reduceDedicated servers for discrete business function to reduceconflict between multiple software programsconflict between multiple software programs

    Do not overload the same server with products from multipleDo not overload the same server with products from multiplevendorsvendors

  • 8/23/2019 Top 10 Ways to Speed Up Patching

    12/16

    ChallengeChallenge 77

    Third PartyThird Party PatchesPatches

    RecommendationRecommendation

    Speed up patchingSpeed up patching

    1212

    rgency o e s ua on an cre y o e r par y pa crgency o e s ua on an cre y o e r par y pa ccreator play a vital rolecreator play a vital role

    In most situations do not installing third party patch as theyIn most situations do not installing third party patch as theymay break something elsemay break something else

    Worst caseWorst case Fake patch with embedded malwareFake patch with embedded malware Implement workaround provided by the vendorImplement workaround provided by the vendor

  • 8/23/2019 Top 10 Ways to Speed Up Patching

    13/16

    Challenge 8Challenge 8

    ExpiredExpired LicensesLicenses

    RecommendationRecommendation

    Speed up patchingSpeed up patching

    1313

    s a en y exp re censes mos y re ec apse n es a en y exp re censes mos y re ec apse n eadministration of the systemadministration of the system

    In some countries pirated software is common, but creates aIn some countries pirated software is common, but creates abreeding heaven for viruses and wormsbreeding heaven for viruses and worms

    Use asset management or vulnerability managementUse asset management or vulnerability managementsoftware to track licenses and vulnerabilitiessoftware to track licenses and vulnerabilities

  • 8/23/2019 Top 10 Ways to Speed Up Patching

    14/16

    ChallengeChallenge 99

    Patching a kiosks, ICS or SCADAPatching a kiosks, ICS or SCADA systemssystems

    RecommendationRecommendation

    Speed up patchingSpeed up patching

    1414

    eman exp a e reeman exp a e re--re ease o pa c es rom your ven orre ease o pa c es rom your ven or

    Demand from your SCADA vendor guidance on the safety ofDemand from your SCADA vendor guidance on the safety ofinstalling standard patch on your critical infrastructure orinstalling standard patch on your critical infrastructure orfactory floors.factory floors.

  • 8/23/2019 Top 10 Ways to Speed Up Patching

    15/16

    ChallengeChallenge 1010

    Large number ofLarge number of patchespatches

    RecommendationRecommendation

    Speed up patchingSpeed up patching

    1515

    WeWe cannot control how many patches are released by vendors.cannot control how many patches are released by vendors.But with proper asset management, patch management andBut with proper asset management, patch management andvulnerability management tools and correctly maintainedvulnerability management tools and correctly maintainedinfrastructure we can prepare ourselves better for the dreadedinfrastructure we can prepare ourselves better for the dreadedpatch day.patch day.

  • 8/23/2019 Top 10 Ways to Speed Up Patching

    16/16

    TwitterTwitter: @: @amolsarwateamolsarwatehttps://community.qualys.comhttps://community.qualys.com

    [email protected]@qualys.com

    Thank YouThank You

    1999 199920122012 QualysQualys, Inc. All rights reserved., Inc. All rights reserved.