Patch Management: Problems and Benefits
Software update management is a vital and complicated process. Timely and correctly managed updating optimizes cybersecurity, compliance, availability, and capability. Sporadic software update management can result in security vulnerabilities, compatibility issues, sluggish or erratic performance, unnecessary offline stretches, or unavailability of important functions. Patching involves more than periodic updates of an OS and apps for servers and endpoints. Firmware patches can be a critical for peripheral devices like printers and scanners, network appliances like switches and Wi-Fi APs, and Internet-of-Things devices such as alarms and health monitors.
Progent's Software Update Management programs can oversee IoT devices like alarms and robotics
The update task can pose a range of complications that vary for various environments. Assets that could require patching can be located on-premises, in the cloud, mobile, or in the offices of remote workers. Environments may include a mix of Windows, Linux, Apple, and Google operating systems and apps. Some patches can be implemented automatically and at virtually any scale with management tools like Configuration Manager, Intune, or Azure Update. Other updates must be performed manually. Patching for vital systems must be timed to minimize business disruption. In certain line-of-business systems, patches must be thoroughly tested prior to being applied to production.
Progent's support services for patch management provide businesses of any size a flexible and cost-effective alternative for evaluating, testing, scheduling, implementing, and documenting updates to your dynamic IT network. In addition to maximizing the safety and functionality of your information system, Progent's update management services free up time for your IT team to focus on strategic initiatives and tasks that return top business advantage to your network.
Patch management is a closed-loop process central to your risk management strategy
Progent's Software Update Management Activities
Progent provides standard and specialized service programs for patch management. These managed services allow you to offload part or all of your patch management tasks to a network consulting firm with over two decades of experience providing network design, implementation, and maintenance to businesses of all sizes globally. Progent operates in close conjunction with your IT managers to define the critical services you require. Programs available from Progent for patch include:
- Discover system resources: This can include key applications such as Exchange and SQL Server, web-facing servers, desktops and mobile endpoints, security products like firewalls, and network infrastructure appliances such as routers and Wi-Fi APs.
- Determine assets to be placed under management: Progent will collaborate with you to identify which of your IT assets you choose for continuing patch management services. Progent provides a variety of regular programs that target specific types of assets and Progent can also create custom service programs to accommodate your unique needs.
- Implement software update management utilities: Progent is familiar with a broad range of software update platforms and patch tracking databases. Available tools include Azure Update for cloud-hosted resources, Microsoft Configuration Manager for on-prem entities, Intune for mobile devices, IT Glue for IT asset documentation, as well as an arsenal of modern AV platforms. Combined, these tools allow you to deploy and monitor updates for network resources residing in cloud environments, on-premises, on the move, at district offices, and in the residences of at-home workers.
- Determine patch status and perform risk analysis of missing updates: Generally, environments with current patching are more secure and stable than those with sporadic patching. Still, occasionally software updates are hurried into distribution and carry the potential to disrupt vital business operations by causing compatibility problems, system instability, or confusing alterations to user environments. Progent can assist you to assess which updates carry a risk to your organization's network, or which patches should be assigned an urgent priority because they block an imminent security attack. Progent's background providing patch management services can assist you to administer a safe network without sacrificing business value.
- Pick a software update management program: Progent's team of consultants can help in designing and administering a software update management service program that fits your business needs. Progent offers pre-defined and custom patch management programs and can assist with both programmatic as well as manual patching. Progent can manage mission-critical assets only, all patchable resources, or anything in between.
- Patch validation: Even the world's largest networks such as Amazon AWS and Azure have had widespread outages caused by updates that were not sufficiently tested before being rolled out to production environments. For businesses with zero room for downtime, Progent can help develop test systems that permit you to make sure that new patches will not cause reliability problems for your IT system.
- Rank and schedule patches: Progent can assist you to decide which updates should be implemented immediately and which can be safely delayed so as to reduce business interruption. Some key industry standards, such as the Payment Card Industry (PCI) Data Security Standard, require that critical cybersecurity patches be implemented inside a defined timeframe.
- Document update history and status: Progent's regular patch management programs include creating a centralized knowledge base for following the patch level of every monitored resource. This simplifies the job of finding where updates can be downloaded and specifies patch release dates, related advisories, and other important information needed for a comprehensive update management solution.
- Troubleshoot update problems: Patches to some core entities like an OS or application server can result in unexpected compatibility or reliability problems, especially with outdated or custom applications or older devices. Progent has the breadth of knowledge to assist you to identify and resolve problems that may appear as a result of implementing a patch.
Software Update Management for Infrastructure Appliances from Cisco and Other Vendors
Software and firmware updates are frequently developed for network infrastructure devices such as firewalls, routers, wireless controllers, and wireless APs. These patches usually are designed to harden cybersecurity, add or fix features, or correct stability and compatibility problems. Managing patches for these infrastructure devices can be a hassle, particularly in mixed-vendor environments and systems that have a combination of on-premises datacenters, at-home workers, regional offices, and cloud-hosted assets. In addition to tracking and accessing updates, network managers must ensure that network infrastructure devices have sufficient free disk storage and that patches are transferred uncorrupted and operate properly.
Progent has delivered advanced assistance for Cisco infrastructure products for over twenty years and also can provide expertise for devices from other major network companies including Palo Alto Networks, SonicWall, and CheckPoint. Progent's end-to-end services for patch management can help you to expand your software update solution to include infrastructure appliances along with servers, desktop and mobile endpoints, applications software, and IoT items.
Progent offers software update management expertise for network infrastructure appliances from Cisco and other vendors
Progent's Standard and Specialized Patch Management Programs
Progent offers a variety of regular software update management plans that include backup, reporting, and thorough documentation. Cost is based on the class and quantity of devices covered. Extra services such as building environments for initial patch testing are billed at time and material rates. Specialized plans are also offered and usually handle unique devices and/or apps.
PROACTIVE Server Patch Management
Onsite or Private Cloud-hosted Server:
Azure Cloud Servers Patch Management:
- Compliance scan of Windows and Linux servers
- Update compliance evaluation report for enabled machines
- Scheduled Patching and Preventative Maintenance
- License & Asset documentation and management
- Managed Anti-Virus - Current AV system
- Initiate server backup once complete
- Additional Support Billed at T&M Rates
- IT Glue access management and resources documentation
Onsite or Virtual Workstation:
- ProSight Availability Monitoring
- Operating System & Third Party Patch Management
- Scheduled Patching and Preventative Maintenance
- Managed Anti-Virus - current AV system
- Hosted Anti-Spam - Spam Hero
- Additional Support Invoiced at T&M Rates
- IT Glue access management and asset documentation
BASIC Server Patch Management
Managed Patch both Physical and Virtual Servers:
On Site or Virtual Workstation Patch Management:
Server or Workstation Security SLA - Add on service
Security Critical Patches - completed within 48 hours of Progent being notified - invoiced only when required
PROACTIVE Network Device Patching
Internet Facing Hardware - Managed Devices (Security appliances, firewalls, routers):
Internal Network Hardware - Managed devices (wireless controllers, Wi-Fi access points, switches):
Network Device Security SLA - Add-on service
Security Critical Patches - applied within 48 hours of Progent being notified - invoiced only when needed
Initial Patching Event Extra Costs:
Initial patching will be subject to an extra cost for each server or network item to enable capture and documentation of current update level and any more information needed for properly providing the ongoing patching as described above. If multiple updates are needed that require extra time for the first-time patching, Progent will present any estimates above the normal update cost.
Other Services Offered:
Download Progent's Software Update Managed Services Datasheet
For a datasheet about the features of Progent Software Update Managed Services, click:
Progent Software Update Managed Services Datasheet. (PDF - 330 KB)
Contact Progent about Patch Management Services
To find out additional information about Progent's software/firmware update management services, call Progent at 800-993-9400 or go to Contact Progent.