Software Update Management: Problems and Solutions
Patch management is a vital and complex process. Prompt and correctly managed updating maximizes security, compliance, availability, and functionality. Sporadic software update management can result in security gaps, compatibility problems, slow or inconsistent responsiveness, unnecessary downtime, or loss of important functions. Patching entails more than periodic updates of operating systems and apps for servers and user machines. Firmware patches can be a vital for peripherals like printers and scanners, infrastructure appliances like routers and wireless access points, and Internet-of-Things (IoT) devices like alarms and robotics.
Progent's Software Update Management services can oversee IoT devices like sensors and robotics
The patching task can pose a number of challenges that vary from network to network. IT resources that could need patching can be located on site, in a public or private cloud, on the road, or in the offices of telecommuters. Environments may include a combination of Microsoft Windows, Linux, Apple, and Google operating systems and applications. Some updates can be installed programmatically and at scale using management tools like Configuration Manager, Microsoft Intune, or Azure Automation Update Management. Other updates must be implemented by hand. Updating for core resources must be scheduled to minimize business disruption. In some mission-critical systems, patches must be thoroughly validated prior to being applied to production.
Progent's support services for patch management provide organizations of all sizes a flexible and affordable alternative for evaluating, validating, scheduling, applying, and tracking software and firmware updates to your dynamic IT network. In addition to optimizing the safety and functionality of your network, Progent's patch management programs free up time for your in-house IT staff to focus on crucial initiatives and tasks that deliver maximum business advantage to your information system.
Patch management is a closed-loop lifecycle critical to your risk management strategy
Progent's Patch Management Activities
Progent provides standard and custom service packages for software and firmware patching. These managed services permit you to outsource some or all of your company's software update management tasks to a network services firm with over 20 years of background providing solution design, implementation, and support to companies of all sizes globally. Progent operates in close conjunction with your network management team to define the critical managed services you require. Programs available from Progent for software update include:
- Discover network assets: This can include business-critical applications such as Exchange and SQL Server, web-facing physical and virtual servers, workstations and mobile endpoints, security devices like VPN controllers, and network infrastructure appliances like switches and Wi-Fi APs.
- Select assets to be managed: Progent will collaborate with you to determine which of your network resources you pick for continuing software update management services. Progent provides a selection of regular service programs that cover certain types of items and Progent can also provide custom programs to accommodate your particular needs.
- Deploy patch management tools: Progent is experienced with a broad selection of patch installation platforms and update inventory databases. Examples of utilities include Azure Update Management for cloud-hosted assets, System Center Configuration Manager for on-prem resources, Microsoft Intune for mobile computers, IT Glue for documentation, as well as a selection of advanced AV platforms. Combined, these tools enable you to automate and monitor updates for IT resources residing in public and private clouds, on-premises, on the move, at district offices, and in the residences of telecommuters.
- Analyze patch status and carry out risk assessment of missing patches: Generally, systems with current patching are more secure and stable than those subject to inconsistent patching. However, occasionally patches are rushed into distribution and carry the ability to disturb essential business processes by causing compatibility issues, system instability, or confusing alterations to user environments. Progent can help you to determine which patches carry a risk to your organization's IT environment, or which updates should be assigned a high priority because they defend against a major security threat. Progent's background providing patch management services can help your organization to maintain a protected network without sacrificing business value.
- Develop a patch management program: Progent's group of consultants can assist in devising and administering a patch management program that aligns with your business requirements. Progent offers pre-defined and custom patch management programs and can assist with automated as well as manual updating. Progent can manage mission-critical resources only, all updateable assets, or anything in between.
- Patch testing: Even the largest networks including Amazon AWS and Microsoft Azure have had widespread outages that resulted from software updates that were not thoroughly tested before being rolled out to live systems. For businesses with no tolerance for service disruption, Progent can help develop pilot systems that permit you to verify that new patches will not cause reliability problems for your network.
- Rank and schedule patches: Progent can help you to decide which patches should be implemented immediately and which can be delayed in order to minimize business interruption. Some worldwide regulatory standards, such as the Payment Card Industry Data Security Standard, require that the most critical cybersecurity updates be implemented within a specified time period.
- Document patch history and status: Progent's regular patch management service programs include the creation of a centralized database for following the patch level of every monitored asset. This streamlines the job of finding where updates can be found and includes patch release dates, release advisories, and additional important information needed for a comprehensive patch management system.
- Troubleshoot update failures: Updates to some core items such as an operating system or application server can cause unexpected compatibility or reliability problems, most commonly with legacy or custom applications or older devices. Progent has the scope of knowledge to assist you to understand and resolve issues that may appear due to implementing an update.
Software Update Management for Infrastructure Appliances from Cisco and Other Vendors
Software updates are frequently developed for network infrastructure appliances like firewalls, routers, switches, and Wi-Fi access points. These updates typically are intended to improve security, enhance functionality, or correct reliability issues. Managing updates for these network appliances can pose a hassle, especially in mixed-vendor environments and networks that have a combination of on-site datacenters, at-home workers, branch offices, and cloud-based assets. Besides tracking and accessing updates, IT managers have to make sure that network appliances have enough free disk space and that patches are loaded uncorrupted and operate properly.
Progent has provided advanced help for Cisco infrastructure products for over twenty years and also can provide expertise for devices from other top vendors such as Juniper, SonicWall, and CheckPoint. Progent's services for software update management can help your organization to consolidate your patching solution to cover infrastructure appliances as well as physical and virtual servers, desktop and mobile endpoints, applications, and IoT items.
Progent offers software update management support for network infrastructure appliances from Cisco and other leading vendors
Progent's Regular and Specialized Patch Management Programs
Progent has developed a variety of regular software update management plans that include backup services, extensive reporting, and documentation. Pricing is determined by the class and number of entities enrolled. Additional services such as building systems for pre-installation patch piloting are billed at normal rates. Custom packages are also available and usually cover unique hardware and/or applications.
PROACTIVE Server Patch Management
Onsite or Private Cloud Server:
Azure Cloud-hosted Servers Patch Management:
- Compliance scan of all Windows and Linux servers
- Update compliance assessment results for enrolled machines
- Scheduled Patching and Maintenance Maintenance
- License & Resource documentation and management
- Managed Anti-Virus - Current AV system
- Initiate server backup once complete
- Additional Services Invoiced at T&M Rates
- IT Glue access control and resources documentation
On Premises or Virtual Workstation:
- ProSight Availability Tracking
- Operating System & Third Party Patch Management
- Scheduled Patching and Maintenance Maintenance
- Managed Anti-Virus - current AV system
- Hosted Anti-Spam - Spam Hero
- Additional Services Billed at T&M Rates
- IT Glue access management and resources documentation
BASIC Server Patch Management
Managed Patch both Physical and Virtual Servers:
On Premises or Virtual Workstation Patch Management:
Server or Workstation Security Service-Level Agreement (SLA) - Add on service
Security Critical Patches - applied within 48 hours of Progent being notified - invoiced only when needed
PROACTIVE Network Device Patching
Internet Facing Hardware - Managed Devices (Security appliances, firewalls, routers):
Internal Network Hardware - Managed devices (wireless controllers, Wi-Fi access points, switches):
Network Device Security SLA - Add-on service
Security Critical Patches - applied within 48 hours of Progent being notified - invoiced only when needed
Initial Patching Event Additional Costs:
First-time updating will have an additional cost per server or network device to enable capture and recording of current update level as well as any more information needed for effectively providing the patching services as defined above. If multiple updates are needed that require extra work for the initial updating, Progent will present any estimates beyond the regular patching cost.
Other Services Available:
Download the Patch Management Services Datasheet
To download a datasheet about the features and benefits of Progent Patch Management Services, click:
Progent Software Update Managed Services Datasheet. (PDF - 330 KB)
Talk to a Progent Expert about Patch Management Solutions
To learn more about Progent's patch management offerings, call Progent at 800-993-9400 or go to Contact Progent.