Software Update Management: Problems and Solutions
Patch management is an essential and complicated process. Prompt and correctly managed updating optimizes cybersecurity, compliance, availability, and functionality. Sporadic software update management can result in security vulnerabilities, compatibility issues, sluggish or inconsistent responsiveness, excessive downtime, or loss of important functions. Patching entails more than occasional updates of an OS and applications for servers and endpoints. Firmware patches can be a critical for peripheral devices like printers and scanners, network infrastructure appliances such as routers and Wi-Fi APs, and Internet-of-Things (IoT) devices such as sensors and robotics.
Progent's Software Update Management services can cover IoT devices like alarms and health monitors
The patching task can pose a number of challenges that can differ for various environments. Resources that could need updating can be on-premises, in a public or private cloud, on the road, or in the homes of telecommuters. Environments may include a mix of Windows, Linux, Apple, and Google operating systems and applications. Some updates can be implemented programmatically and at scale with tools like Configuration Manager, Intune, or Azure Automation Update Management. Others must be implemented manually. Updating for core systems must be scheduled to minimize business disruption. For some mission-critical systems, patches must be thoroughly tested prior to being applied to production.
Progent's support services for patch management provide organizations of any size a flexible and affordable alternative for evaluating, validating, scheduling, applying, and documenting updates to your ever-evolving information network. In addition to optimizing the security and performance of your IT network, Progent's software and firmware update management offerings open up time for your IT staff to focus on crucial initiatives and tasks that return top business value to your network.
Patch management is a closed-loop activity central to your risk management plan
Progent's Patch Management Activities
Progent offers regular and specialized service programs for patch management. These managed services permit you to outsource some or all of your company's software update management tasks to a network support firm with over two decades of background delivering network planning, implementation, and maintenance to companies of all sizes globally. Progent operates closely with your network management team to determine the scope of the managed services you require. Services offered by Progent for software update include:
- Inventory network resources: This can include business-critical applications like Microsoft Exchange and SQL, web-facing physical and virtual servers, workstations and mobile endpoints, security devices like VPN controllers, and network devices like routers and Wi-Fi APs.
- Select assets to be placed under management: Progent's experts will work with your IT team to select which of your IT assets you choose for continuing patch management services. Progent provides a selection of regular service programs that cover certain classes of items and Progent can also provide custom service programs to accommodate your particular needs.
- Deploy patch management utilities: Progent is experienced with a broad range of software update tools and update tracking databases. Available utilities include Azure Update Management for cloud-based assets, System Center Configuration Manager for local assets, Microsoft Intune for mobile devices, IT Glue for documentation, as well as an arsenal of advanced anti-virus platforms. Used together, these products enable you to automate and track updates for IT resources located in public and private clouds, on-premises, on the move, at branch offices, and in the residences of telecommuters.
- Analyze update status and perform risk assessment of uninstalled patches: Generally, systems with current patching are more secure and stable than those with inconsistent patching. Still, some software updates are hurried into distribution and have the ability to disrupt essential network operations by causing compatibility problems, system shutdowns, or confusing changes to end-user environments. Progent can help you to determine which updates carry a risk to your company's IT environment, or which updates should be given a high priority because they block an imminent security attack. Progent's background with patch management services can help you to administer a safe network without compromising productivity.
- Develop a patch management program: Progent's group of consultants can assist in devising and administering a patch management service program that aligns with your business and security requirements. Progent can provide standard and specialized patch management programs and can help with automated and manual updating. Progent can manage mission-critical resources only, all updateable assets, or anything in between.
- Patch testing: Even the biggest networks such as Amazon AWS and Microsoft Azure have had widespread outages caused by updates that were insufficiently tested before being applied to live systems. For organizations with zero room for service disruption, Progent can help develop pilot systems that allow you to make sure that new updates will not cause stability problems for your network.
- Prioritize and schedule updates: Progent can assist you to determine which updates should be implemented quickly and which can be delayed so as to minimize service interruption. Some worldwide regulatory standards, such as the PCI Data Security Standard, mandate that the most critical security updates be installed within a defined timeframe.
- Track update history and status: Progent's standard update management programs include the creation of a centralized database for tracking the patch level of every monitored asset. This streamlines the job of locating where software, firmware, or driver updates can be accessed and includes release dates, related notes, and additional important data needed for a comprehensive update management system.
- Troubleshoot update problems: Patches to some key items such as an operating system or application server can cause unforeseen compatibility or reliability problems, particularly with legacy or custom software or older hardware. Progent has the scope of experience to assist you to identify and resolve issues that may appear due to implementing an update.
Patch Management for Network Appliances from Cisco and Other Vendors
Software patches are frequently released for network infrastructure devices like firewalls, routers, wireless controllers, and wireless APs. These patches usually are intended to improve security, enhance functionality, or correct stability and compatibility problems. Managing updates for these infrastructure devices can be a hassle, especially in multi-vendor environments and networks that include a combination of on-site data centers, at-home workers, branch offices, and cloud-hosted assets. In addition to tracking and accessing the latest updates, network managers have to make sure that network appliances have enough free disk space and that updates are loaded uncorrupted and operate correctly.
Progent has delivered advanced assistance for Cisco networking products for more than two decades and also can provide expertise for devices from other top network companies such as Juniper, Fortinet, and WatchGuard. Progent's services for patch management can assist your organization to expand your patching solution to cover infrastructure appliances along with physical and virtual servers, endpoints, apps, and Internet-of-Things devices.
Progent can provide patch management expertise for infrastructure appliances from Cisco and other vendors
Progent's Standard and Specialized Patch Management Plans
Progent provides a variety of regular software update management plans that include scheduled backup, extensive reporting, and documentation. Pricing is determined by the class and number of devices enrolled. Additional support including creating systems for pre-installation software update piloting are invoiced at normal rates. Specialized plans are also offered and typically cover unusual devices and/or applications.
PROACTIVE Server Software Update Management
On Prem or Private Cloud-hosted Server:
Microsoft Azure Cloud Servers Patch Management:
- Compliance scan of all Windows and Linux servers
- Update compliance assessment report for enabled machines
- Scheduled Patching and Preventative Maintenance
- License & Resource documentation and management
- Managed Anti-Virus - Current AV system
- Begin server backup once scanned
- Additional Support Billed at time and material Rates
- IT Glue access management and asset documentation
On Premises or Virtual Workstation:
- ProSight Availability Monitoring
- Operating System & Third Party Patch Management
- Scheduled Patching and Preventative Maintenance
- Managed Anti-Virus - current AV system
- Hosted Anti-Spam - Spam Hero
- Additional Support Invoiced at time and material Rates
- IT Glue access control and asset documentation
BASIC Server Patch Management
Managed Patch both Physical and Virtual Servers:
On Site or Virtual Workstation Patch Management:
Server or Workstation Security Service-Level Agreement - Add on service
Security Critical Patches - completed within 48 hours of Progent being notified - invoiced only when required
PROACTIVE Network Device Patching
Internet Facing Hardware - Managed Devices (Security appliances, firewalls, routers):
Internal Network Hardware - Managed devices (wireless controllers, Wi-Fi access points, switches):
Network Device Security SLA - Add-on service
Security Critical Patches - applied within 48 hours of Progent being notified - invoiced only when needed
Original Patching Event Additional Costs:
Initial updating will be subject to an additional cost for each server or network item to provide for capture and documentation of current update level as well as any more documentation required for properly providing the patching services as described above. If many updates are necessary that require additional time for the first-time updating, Progent will provide any estimates beyond the regular update cost.
Other Services Available:
Download Progent's Software Update Managed Services Datasheet
For a datasheet describing Progent Patch Management Services, select:
Progent Patch Management Services Datasheet. (PDF - 330 KB)
Talk to Progent about Patch Management Solutions
To learn more about Progent's patch management services, call Progent at 800-993-9400 or go to Contact Progent.