Software Update Management: Challenges and Solutions
Patch management is a vital and complex task. Prompt and properly managed updating optimizes security, regulatory compliance, availability, and capability. Haphazard software update management can cause security gaps, compatibility issues, slow or inconsistent responsiveness, needless offline stretches, or loss of key features. Patching entails more than periodic updates of an OS and apps for servers and user machines. Firmware updates can be a vital for peripherals like printers and scanners, network infrastructure appliances such as routers and Wi-Fi APs, and IoT devices like sensors and health monitors.
Progent's Patch Management services can cover IoT devices like alarms and health monitors
The update process can present a range of complications that can differ for various environments. IT resources that could need updating can be on site, in a public or private cloud, on the road, or in the offices of remote workers. Environments may support any combination of Windows, Linux, Apple, and Google operating systems and apps. Some updates can be implemented programmatically and at virtually any scale with management tools such as Configuration Manager, Microsoft Intune, or Azure Update Management. Others must be performed manually. Updating for core systems must be timed to minimize business disruption. In some mission-critical environments, patches must be thoroughly tested prior to being applied to production.
Progent's managed services for software and firmware patch management provide organizations of all sizes a versatile and cost-effective solution for assessing, validating, scheduling, implementing, and tracking software and firmware updates to your ever-evolving IT system. Besides maximizing the safety and functionality of your IT network, Progent's software and firmware update management services free up time for your in-house IT team to focus on crucial projects and tasks that return maximum business advantage to your network.
Patch management is a closed-loop activity central to your risk management plan
Progent's Patch Management Processes
Progent offers regular and specialized service packages for software and firmware patching. These managed services permit you to outsource part or all of your software update management activity to a network support firm with more than 20 years of experience providing solution design, implementation, and maintenance to companies of all sizes worldwide. Progent works in close conjunction with your network managers to determine the scope of the managed services you need. Programs available from Progent for patch include:
- Discover system resources: This can include business-critical platforms like Microsoft Exchange and SQL, web-facing physical and virtual servers, workstations and mobile endpoints, security devices such as firewalls, and network infrastructure devices such as switches and wireless APs.
- Determine assets to be placed under management: Progent will collaborate with you to identify which of your IT assets you pick for ongoing software update management services. Progent offers a selection of standard service programs that cover certain classes of items and Progent can also provide custom service programs to meet your unique needs.
- Implement patch management tools: Progent is familiar with a broad range of software update platforms and update inventory databases. Available tools include Azure Update for cloud-based resources, Microsoft Configuration Manager for local entities, Microsoft Intune for mobile devices, IT Glue for documentation, plus an arsenal of advanced anti-virus platforms. Together, these products allow you to deploy and track patches for IT assets located in cloud environments, on site, on the move, at branch offices, and in the residences of at-home workers.
- Determine patch currency and perform risk assessment of uninstalled patches: For the most part, systems with up-to-date patching are more secure and stable than those with inconsistent patching. However, some patches are hurried into distribution and have the ability to disturb vital network operations by causing compatibility issues, system instability, or confusing changes to user experiences. Progent can help you to assess which patches carry a risk to your organization's IT environment, or which patches should be given a high priority because they block a major cybersecurity threat. Progent's experience providing patch management services can help your organization to administer a safe computer system without compromising business value.
- Develop a patch management program: Progent's team of experts can help in devising and managing a patch management program that aligns with your business requirements. Progent offers pre-defined and custom patch management service programs and can assist with both programmatic as well as manual updating. Progent can manage business-critical resources only, all patchable resources, or anything in between.
- Patch validation: Even the biggest networks including Amazon AWS and Microsoft Azure have experienced widespread outages that resulted from updates that were not sufficiently tested before being applied to production environments. For organizations with no tolerance for service disruption, Progent can help develop test environments that allow you to make sure that the latest updates will not cause stability problems for your IT system.
- Prioritize and schedule updates: Progent can assist you to decide which patches should be implemented immediately and which can be delayed so as to reduce service disruption. Certain key industry standards, such as the PCI Data Security Standard, mandate that critical security patches be implemented inside a certain timeframe.
- Document update history and status: Progent's regular update management programs include creating a centralized database for following the patch level of every subscribed asset. This simplifies the task of finding where software, firmware, or driver updates can be found and specifies release dates, release notes, and other important data required for a comprehensive update management solution.
- Troubleshoot update problems: Updates to some core entities such as an OS or application server can result in unforeseen compatibility or reliability problems, most commonly with legacy or custom software or older hardware. Progent has the scope of knowledge to assist you to identify and resolve issues that may crop up due to implementing a patch.
Software Update Management for Network Infrastructure Devices from Cisco and Other Providers
Software updates are frequently developed for network appliances like firewalls, routers, switches, and wireless access points. These patches typically are intended to harden cybersecurity, enhance functionality, or mitigate reliability problems. Managing patches for these network infrastructure devices can pose a challenge, particularly in multi-vendor environments and networks that include a combination of on-premises data centers, telecommuters, branch offices, and cloud-based resources. Besides tracking and accessing updates, network managers have to ensure that infrastructure appliances have enough disk storage and that updates are loaded uncorrupted and work properly.
Progent has delivered advanced help for Cisco networking products for more than twenty years and also offers technical guidance for products from other top vendors such as Palo Alto Networks, SonicWall, and WatchGuard. Progent's services for patch management can help you to expand your software update system to include network appliances along with physical and virtual servers, endpoints, applications software, and Internet-of-Things items.
Progent can provide software update management expertise for network devices from Cisco and other vendors
Progent's Regular and Custom Patch Management Programs
Progent offers a range of regular software update management plans that include backup services, extensive reporting, and documentation. Cost is based on the class and number of devices covered. Extra support including creating environments for initial software update piloting are invoiced at time and material rates. Custom plans are also available and usually handle unique hardware and/or apps.
PROACTIVE Server Patch Management Services
On Premises or Private Cloud-hosted Server:
Microsoft Azure Cloud-hosted Servers Patch Management:
- Compliance scan of Windows and Linux servers
- Update compliance assessment results for enabled machines
- Scheduled Patching and Preventative Maintenance
- License & Asset reporting and management
- Managed Anti-Virus - Current AV system
- Initiate server backup once complete
- Additional Services Billed at T&M Rates
- IT Glue access management and asset documentation
On Premises or Virtual Workstation:
- ProSight Availability Tracking
- OS & 3rd Party Patch Management
- Scheduled Patching and Maintenance Maintenance
- Managed Anti-Virus - current AV system
- Hosted Anti-Spam - Spam Hero
- Additional Services Invoiced at time and material Rates
- IT Glue access control and asset documentation
BASIC Server Patch Management
Managed Patch both Physical and Virtual Servers:
On Premises or Virtual Workstation Patch Management:
Server or Workstation Security SLA - Add on service
Security Critical Patches - completed within 48 hours of Progent being notified - invoiced only when needed
PROACTIVE Network Device Patching
Internet Facing Hardware - Managed Devices (Security appliances, firewalls, routers):
Internal Network Hardware - Managed devices (wireless controllers, Wi-Fi access points, switches):
Network Device Security SLA - Add-on service
Security Critical Patches - applied within 48 hours of Progent being notified - invoiced only when needed
Initial Patching Event Additional Costs:
Initial patching will have an extra cost for each server or network device to provide for review and recording of current update level and any other documentation needed for effectively managing the patching services as described previously. If multiple patches are needed that require additional work for the initial patching, Progent will provide any cost estimates beyond the regular update cost.
Additional Services Available:
Download the Software Update Managed Services Datasheet
For a datasheet about the features and benefits of Progent Patch Management Services, click:
Progent Software Update Managed Services Datasheet. (PDF - 330 KB)
Talk to a Progent Expert about Patch Management Solutions
To learn additional information about Progent's software/firmware update management services, call Progent at 800-993-9400 or see Contact Progent.