Software Update Management: Challenges and Solutions
Software update management is an essential and complex task. Prompt and correctly managed updating optimizes security, regulatory compliance, availability, and functionality. Haphazard patch management can result in security gaps, compatibility issues, sluggish or erratic performance, needless downtime, or unavailability of important functions. Patching entails more than occasional updates of operating systems and apps for servers and user machines. Firmware patches can be a vital for peripherals such as printers and scanners, network infrastructure appliances such as routers and wireless APs, and Internet-of-Things devices such as alarms and health monitors.
Progent's Patch Management services can cover IoT devices such as alarms and robotics
The patching process can pose a range of complications that can differ from one environment to the next. IT resources that may require updating can be on-premises, in a public or private cloud, mobile, or in the homes of remote workers. Networks may include any combination of Windows, Linux, Apple macOS, and Google operating systems and applications. Some patches can be installed automatically and at virtually any scale using tools such as Configuration Manager, Intune, or Azure Update. Other updates must be performed manually. Updating for vital systems must be timed to avoid business disruption. In certain mission-critical systems, updates must be thoroughly tested before being approved for production.
Progent's managed services for software and firmware patch management provide organizations of all sizes a flexible and affordable option for evaluating, testing, scheduling, applying, and documenting updates to your dynamic information network. In addition to maximizing the security and functionality of your IT network, Progent's update management services open up time for your in-house IT staff to focus on strategic initiatives and tasks that deliver maximum business value to your information system.
Patch management is a closed-loop process central to your risk management strategy
Progent's Software Update Management Activities
Progent offers standard and custom service programs for patch management. These managed services allow you to offload part or all of your company's patch management tasks to an IT support organization with over 20 years of background providing solution design, deployment, and support to businesses of all sizes globally. Progent works in close conjunction with your IT managers to determine the critical services you need. Services offered by Progent for software update include:
- Discover system resources: This can include business-critical applications like Exchange and SQL Server, web-facing physical and virtual servers, desktops and mobile endpoints, security products such as firewalls, and network infrastructure appliances like routers and Wi-Fi APs.
- Determine assets to be managed: Progent's experts will work with your IT team to identify which of your network resources you choose for continuing patch management services. Progent offers a variety of standard service programs that target certain types of items and Progent can also provide specialized service programs to meet your particular requirements.
- Deploy patch management utilities: Progent is experienced with a broad range of patch installation platforms and patch inventory reporting systems. Examples of utilities include Azure Update for cloud-hosted resources, Microsoft Configuration Manager for on-prem entities, Microsoft Intune for mobile computers, IT Glue for IT asset documentation, plus a selection of modern AV platforms. Together, these products allow you to automate and monitor patches for IT resources located in cloud environments, on-premises, on the move, at district offices, and in the residences of telecommuters.
- Determine update currency and carry out risk analysis of uninstalled updates: For the most part, environments with current patching are more secure and stable than those with inconsistent updates. However, occasionally patches are rushed into distribution and have the ability to disturb vital business operations by introducing compatibility issues, system instability, or confusing changes to user experiences. Progent can assist you to determine which patches carry a risk to your company's IT environment, or which updates should be given a high priority because they block an imminent security attack. Progent's experience providing update management support can assist you to administer a secure computer system without sacrificing business value.
- Develop a patch management service program: Progent's group of experts can assist in designing and administering a software update management service program that fits your business needs. Progent offers pre-defined and specialized software update management service programs and can assist with both automated as well as manual updating. Progent can manage business-critical resources exclusively, all updateable resources, or somewhere in between.
- Patch testing: Even the largest networks including Amazon AWS and Microsoft Azure have experienced widespread outages caused by software updates that were not thoroughly tested prior to being applied to production systems. For organizations with no tolerance for downtime, Progent can help develop test environments that permit you to make sure that new updates will not cause reliability issues for your IT system.
- Rank and schedule updates: Progent can assist you to decide which updates should be implemented immediately and which can be delayed in order to reduce business disruption. Certain worldwide industry standards, like the Payment Card Industry Data Security Standard, require that critical security updates be installed within a specified time period.
- Document patch history and status: Progent's standard patch management programs include creating a centralized knowledge base for tracking the update level of every monitored resource. This streamlines the job of locating where software, firmware, or driver updates can be downloaded and includes patch release dates, release advisories, and other useful information required for a comprehensive patch management solution.
- Troubleshoot update problems: Patches to some core resources such as an OS or application server can result in unexpected compatibility or stability issues, particularly with legacy or home-grown software or older hardware. Progent has the breadth of experience to help you to understand and resolve issues that may appear due to implementing an update.
Software Update Management for Infrastructure Devices from Cisco and Other Providers
Software and firmware patches are regularly released for network appliances like firewalls, routers, switches, and wireless access points. These updates typically are designed to harden cybersecurity, enhance features, or correct reliability problems. Managing patches for these network appliances can be a hassle, particularly in mixed-vendor networks and networks that include a combination of on-site datacenters, telecommuters, regional offices, and cloud-hosted assets. Besides monitoring and accessing updates, network managers must make sure that network appliances have sufficient free disk storage and that updates are loaded cleanly and work properly.
Progent has provided high-end assistance for Cisco infrastructure products for over twenty years and also offers technical guidance for products from other leading network companies such as Juniper, SonicWall, and WatchGuard. Progent's services for software update management can help you to consolidate your patching system to include network appliances along with servers, endpoints, apps, and Internet-of-Things items.
Progent can provide patch management expertise for network appliances from Cisco and other vendors
Progent's Standard and Custom Software Update Management Plans
Progent has developed a range of standard software update management plans that include scheduled backup, extensive reporting, and thorough documentation. Cost is based on the class and number of entities enrolled. Additional support such as creating systems for initial software update validation are billed at time and material rates. Custom plans are also offered and usually cover unusual devices and/or apps.
PROACTIVE Server Patch Management Services
Onsite or Private Cloud-hosted Server:
Azure Cloud-hosted Servers Patch Management:
- Compliance scan of all Windows and Linux servers
- Update compliance assessment results for enabled machines
- Scheduled Patching and Maintenance Maintenance
- License & Resource documentation and management
- Managed Anti-Virus - Current AV system
- Begin server backup once complete
- Additional Support Invoiced at T&M Rates
- IT Glue access management and resources documentation
On Premises or Virtual Workstation:
- ProSight Availability Tracking
- Operating System & Third Party Patch Management
- Scheduled Patching and Maintenance Maintenance
- Managed Anti-Virus - current AV system
- Hosted Anti-Spam - Spam Hero
- Additional Support Billed at T&M Rates
- IT Glue access control and asset documentation
BASIC Server Patch Management
Managed Patch both Physical and Virtual Servers:
On Premises or Virtual Workstation Patch Management:
Server or Workstation Security Service-Level Agreement - Add on service
Security Critical Patches - completed within 48 hours of Progent being notified - invoiced only when needed
PROACTIVE Network Device Patching
Internet Facing Hardware - Managed Devices (Security appliances, firewalls, routers):
Internal Network Hardware - Managed devices (wireless controllers, Wi-Fi access points, switches):
Network Device Security SLA - Add-on service
Security Critical Patches - applied within 48 hours of Progent being notified - invoiced only when needed
Original Patching Event Additional Costs:
First-time patching will have an additional cost per server or network device to enable review and recording of current update level and any more documentation required for effectively providing the ongoing patching as defined previously. If multiple patches are needed that demand additional time for the initial updating, Progent will present any cost estimates beyond the normal patching cost.
Other Services Available:
Download Progent's Software Update Managed Services Datasheet
For a datasheet about the features and benefits of Progent Software Update Managed Services, select:
Progent Patch Management Services Datasheet. (PDF - 330 KB)
Talk to a Progent Expert about Patch Management Solutions
To learn more about Progent's software/firmware update management offerings, call Progent at 800-993-9400 or visit Contact Progent.