Software Update Management: Challenges and Solutions
Patch management is a vital and complex process. Prompt and properly managed patching optimizes security, compliance, uptime, and functionality. Sporadic patch management can result in security gaps, compatibility issues, sluggish or inconsistent performance, excessive downtime, or loss of key functions. Patching entails more than periodic updates of operating systems and applications for servers and user machines. Firmware updates can be a critical for peripheral devices like printers and scanners, network appliances like routers and Wi-Fi access points, and IoT devices like sensors and health monitors.
Progent's Patch Management programs can oversee IoT devices like sensors and robotics
The update task can pose a range of complications that vary from one environment to the next. IT resources that could require updating can reside on site, in the cloud, mobile, or in the homes of remote workers. Environments may support any mix of Windows, Linux, Apple macOS, and Google operating systems and apps. Some updates can be implemented automatically and at scale with management tools like Configuration Manager, Microsoft Intune, or Azure Automation Update. Others must be implemented manually. Updating for vital systems must be scheduled to minimize business interruption. In certain mission-critical environments, patches must be thoroughly tested before being applied to production.
Progent's support services for patch management provide organizations of any size a versatile and affordable alternative for evaluating, validating, scheduling, implementing, and tracking software and firmware updates to your dynamic IT system. In addition to optimizing the safety and functionality of your information system, Progent's update management programs open up time for your IT team to concentrate on strategic projects that return maximum business advantage to your network.
Patch management is a closed-loop lifecycle central to your risk management strategy
Progent's Software Update Management Processes
Progent offers regular and specialized service programs for patch management. These managed services permit you to offload a portion or all of your company's patch management tasks to a network support firm with more than two decades of experience providing solution planning, implementation, and support to businesses of all sizes globally. Progent works in close conjunction with your network management team to determine the critical services you need. Programs available from Progent for software update include:
- Discover network resources: This can cover business-critical applications such as Microsoft Exchange and SQL Server, web-facing physical and virtual servers, workstations and mobile endpoints, security devices like firewalls, and network infrastructure devices such as switches and wireless APs.
- Determine assets to be managed: Progent will collaborate with you to select which of your IT resources you choose for ongoing software update management services. Progent provides a variety of regular programs that cover certain types of assets and Progent can also provide specialized programs to meet your particular requirements.
- Deploy software update management utilities: Progent is familiar with a wide selection of patch installation tools and patch inventory databases. Examples of tools include Azure Update for cloud-hosted assets, Microsoft Configuration Manager for local assets, Intune for mobile computers, IT Glue for IT asset documentation, as well as a selection of advanced anti-virus products. Combined, these products allow you to deploy and monitor patches for network assets located in public and private clouds, on site, on the move, at branch offices, and in the residences of at-home workers.
- Analyze patch currency and carry out risk analysis of missing updates: Generally, environments with current patching are more protected and dependable than those with inconsistent updates. However, some software updates are hurried into production and carry the potential to disturb vital network processes by causing compatibility issues, system shutdowns, or unfamiliar changes to end-user experiences. Progent can assist you to determine which patches carry a risk to your company's IT environment, or which patches should be given a high priority because they defend against an imminent cybersecurity attack. Progent's background providing update management support can help you to maintain a secure computer system without compromising business value.
- Pick a patch management service program: Progent's team of consultants can assist in devising and administering a software update management program that aligns with your business requirements. Progent can provide pre-defined and custom patch management service programs and can assist with automated as well as manual updating. Progent can manage mission-critical resources exclusively, all patchable assets, or somewhere in between.
- Patch testing: Even the world's largest networks like Amazon AWS and Azure have experienced major outages caused by updates that were not thoroughly tested before being rolled out to live systems. For organizations with no room for service disruption, Progent can help develop pilot environments that permit you to make sure that new patches will not introduce stability issues for your network.
- Rank and schedule patches: Progent can assist you to decide which patches should be implemented quickly and which can be delayed in order to minimize service interruption. Some key regulatory standards, like the Payment Card Industry (PCI) Data Security Standard, require that critical security patches be implemented within a defined time period.
- Document update history and status: Progent's standard patch management programs include creating a centralized database for following the patch level of every monitored asset. This streamlines the task of locating where updates can be found and specifies release dates, related notes, and additional useful data required for a comprehensive patch management solution.
- Fix update problems: Patches to some key items like an operating system or app server can result in unforeseen compatibility or reliability problems, especially with legacy or custom applications or older hardware. Progent has the breadth of knowledge to help you to identify and mitigate problems that may appear due to deploying a software update.
Software Update Management for Network Infrastructure Devices from Cisco and Other Vendors
Software patches are frequently released for network infrastructure appliances such as firewalls, routers, switches, and Wi-Fi APs. These patches typically are intended to harden security, add or fix functionality, or mitigate stability and compatibility problems. Managing patches for these network infrastructure appliances can be a hassle, especially in multi-vendor networks and systems that have a combination of on-site datacenters, telecommuters, branch offices, and cloud-hosted assets. Besides monitoring and acquiring updates, IT managers must verify that network appliances have enough disk space and that patches are loaded uncorrupted and work properly.
Progent has delivered advanced support for Cisco networking products for over two decades and also can provide expertise for devices from other major vendors such as Palo Alto Networks, Fortinet, and WatchGuard. Progent's services for patch management can help you to consolidate your software update solution to include network appliances along with physical and virtual servers, desktop and mobile endpoints, apps, and IoT items.
Progent offers software update management support for infrastructure devices from Cisco and other vendors
Progent's Regular and Custom Patch Management Services
Progent provides a variety of regular software update management plans that include backup services, reporting, and thorough documentation. Cost is based on the class and quantity of devices enrolled. Extra support including building systems for pre-installation software update testing are invoiced at normal rates. Custom packages are also offered and usually cover unusual devices and/or applications.
PROACTIVE Server Software Update Management Services
Onsite or Private Cloud-hosted Server:
Microsoft Azure Cloud Servers Patch Management:
- Compliance scan of all Windows and Linux servers
- Update compliance evaluation report for enabled machines
- Scheduled Patching and Preventative Maintenance
- License & Asset reporting and management
- Managed Anti-Virus - Current AV system
- Begin server backup once complete
- Additional Services Billed at time and material Rates
- IT Glue access management and resources documentation
Onsite or Virtual Workstation:
- ProSight Availability Tracking
- OS & Third Party Patch Management
- Scheduled Patching and Preventative Maintenance
- Managed Anti-Virus - current AV system
- Hosted Anti-Spam - Spam Hero
- Additional Support Invoiced at time and material Rates
- IT Glue access control and resources documentation
BASIC Server Patch Management
Managed Patch both Physical and Virtual Servers:
On Site or Virtual Workstation Patch Management:
Server or Workstation Security Service-Level Agreement - Add on service
Security Critical Patches - applied within 48 hours of Progent being notified - invoiced only when required
PROACTIVE Network Device Patching
Internet Facing Hardware - Managed Devices (Security appliances, firewalls, routers):
Internal Network Hardware - Managed devices (wireless controllers, Wi-Fi access points, switches):
Network Device Security Service-Level Agreement - Add-on service
Security Critical Patches - applied within 48 hours of Progent being notified - invoiced only when needed
Original Patching Event Extra Costs:
Initial patching will be subject to an extra cost for each server or network item to enable review and recording of current update level and any other information necessary for effectively providing the patching services as described previously. If multiple patches are necessary that require additional work for the first-time patching, Progent will provide any estimates above the regular patching cost.
Other Services Available:
Download Progent's Patch Management Services Datasheet
For a datasheet about the features of Progent Software Update Managed Services, click:
Progent Software Update Managed Services Datasheet. (PDF - 330 KB)
Contact a Progent Expert about Software/Firmware Update Management Solutions
To learn additional information about Progent's patch management services, call Progent at 800-993-9400 or see Contact Progent.