Software Update Management: Challenges and Solutions
Software update management is a vital and complicated process. Prompt and correctly managed patching optimizes security, regulatory compliance, uptime, and capability. Haphazard patch management can cause security vulnerabilities, compatibility problems, slow or inconsistent performance, excessive downtime, or loss of important features. Patching involves more than periodic updates of operating systems and apps for servers and endpoints. Firmware patches can be a vital for peripherals such as printers and scanners, network appliances like switches and Wi-Fi APs, and IoT devices such as sensors and health monitors.
Progent's Patch Management programs can cover IoT devices such as sensors and robotics
The patching task can pose a number of complications that can differ from one environment to the next. Resources that may require patching can be on-premises, in the cloud, on the road, or in the offices of telecommuters. Networks may include any combination of Microsoft Windows, Linux, Apple macOS, and Google operating systems and applications. Some patches can be installed automatically and at scale with management tools like Configuration Manager, Microsoft Intune, or Azure Automation Update Management. Others must be performed by hand. Patching for vital resources must be timed to minimize business disruption. In certain mission-critical environments, updates must be thoroughly tested before being approved for production.
Progent's support services for patch management offer businesses of any size a versatile and cost-effective option for evaluating, testing, scheduling, applying, and tracking updates to your ever-evolving IT network. In addition to maximizing the safety and performance of your IT network, Progent's software and firmware update management programs open up time for your IT team to focus on strategic projects and tasks that return maximum business value to your information system.
Patch management is a closed-loop lifecycle central to your risk management strategy
Progent's Patch Management Activities
Progent offers standard and custom service programs for software and firmware patching. These services permit you to offload part or all of your software update management tasks to an IT consulting firm with more than 20 years of background providing network planning, implementation, and support to companies of all sizes worldwide. Progent operates closely with your IT managers to determine the scope of the managed services you need. Programs available from Progent for software update include:
- Inventory system resources: This can include key applications such as Exchange and SQL Server, web-facing physical and virtual servers, workstations and mobile endpoints, security devices such as VPN controllers, and network devices such as switches and wireless APs.
- Identify resources to be managed: Progent will confer with you to select which of your IT resources you pick for continuing patch management services. Progent provides a selection of regular service programs that cover specific classes of assets and Progent can also provide custom service programs to accommodate your unique needs.
- Implement patch management utilities: Progent is familiar with a broad selection of software update platforms and update tracking databases. Available tools include Azure Update Management for cloud-hosted assets, System Center Configuration Manager for on-prem entities, Intune for mobile devices, IT Glue for IT asset documentation, as well as a selection of modern AV products. Used together, these products allow you to automate and monitor updates for network assets located in public and private clouds, on site, on the move, at district offices, and in the residences of at-home workers.
- Analyze update currency and carry out risk analysis of missing updates: For the most part, environments with current patching are more protected and dependable than those with inconsistent patching. Still, some patches are hurried into distribution and have the potential to disturb essential network processes by introducing compatibility problems, system shutdowns, or confusing changes to user experiences. Progent can assist clients to assess which updates pose a risk to your organization's network, or which updates should be assigned a high priority because they block a major cybersecurity attack. Progent's experience providing patch management services can help you to administer a secure computer system without compromising business value.
- Create a software update management program: Progent's group of experts can help in devising and managing a patch management program that aligns with your business requirements. Progent offers standard and custom patch management programs and can help with programmatic as well as manual patching. Progent can manage mission-critical assets exclusively, all patchable assets, or somewhere in between.
- Patch testing: Even the world's largest networks such as Amazon AWS and Azure have experienced major outages caused by software updates that were not sufficiently tested before being applied to live environments. For businesses with no tolerance for service disruption, Progent can help develop pilot systems that allow you to verify that the latest patches will not cause reliability issues for your IT system.
- Prioritize and schedule updates: Progent can help you to determine which updates should be performed quickly and which can be safely delayed in order to minimize service disruption. Some key industry standards, like the Payment Card Industry (PCI) Data Security Standard, require that critical cybersecurity updates be installed inside a certain timeframe.
- Document update history and status: Progent's standard patch management service programs include creating a centralized database for tracking the update level of every subscribed resource. This streamlines the job of locating where software, firmware, or driver updates can be downloaded and includes release dates, related advisories, and additional important information needed for a complete update management system.
- Fix update failures: Patches to some core items like an OS or application server can cause unexpected compatibility or reliability problems, especially with legacy or home-grown applications or older hardware. Progent has the breadth of experience to assist you to understand and mitigate issues that may appear as a result of implementing a software update.
Software Update Management for Infrastructure Appliances from Cisco and Other Vendors
Software and firmware updates are frequently developed for infrastructure appliances such as firewalls, routers, wireless controllers, and Wi-Fi access points. These updates usually are intended to harden security, add or fix features, or mitigate stability and compatibility problems. Managing updates for these network devices can pose a hassle, especially in multi-vendor environments and systems that include a mixture of on-site data centers, at-home workers, branch offices, and cloud-based assets. Besides tracking and accessing the latest updates, IT managers must verify that infrastructure devices have sufficient free disk storage and that updates are loaded uncorrupted and work correctly.
Progent has delivered advanced assistance for Cisco networking products for over twenty years and also offers expertise for products from other leading network companies such as Palo Alto Networks, Fortinet, and WatchGuard. Progent's end-to-end services for software update management can help your organization to expand your software update solution to include infrastructure appliances along with physical and virtual servers, desktop and mobile endpoints, apps, and Internet-of-Things items.
Progent can provide software update management support for network infrastructure appliances from Cisco and other leading vendors
Progent's Regular and Custom Software Update Management Services
Progent provides a range of standard software update management packages that include backup, reporting, and thorough documentation. Cost is determined by the class and number of entities enrolled. Additional support including building environments for initial software update testing are billed at normal rates. Custom packages are also offered and usually cover unique hardware and/or applications.
PROACTIVE Server Software Update Management
Onsite or Private Cloud Server:
Microsoft Azure Cloud-hosted Servers Patch Management:
- Compliance scan of all Windows and Linux servers
- Update compliance assessment results for enrolled machines
- Scheduled Patching and Maintenance Maintenance
- License & Asset documentation and management
- Managed Anti-Virus - Current AV system
- Initiate server backup once complete
- Additional Support Invoiced at time and material Rates
- IT Glue access management and resources documentation
On Premises or Virtual Workstation:
- ProSight Availability Tracking
- OS & Third Party Patch Management
- Scheduled Patching and Maintenance Maintenance
- Managed Anti-Virus - current AV system
- Hosted Anti-Spam - Spam Hero
- Additional Support Invoiced at time and material Rates
- IT Glue access control and resources documentation
BASIC Server Patch Management
Managed Patch both Physical and Virtual Servers:
On Premises or Virtual Workstation Patch Management:
Server or Workstation Security Service-Level Agreement - Add on service
Security Critical Patches - completed within 48 hours of Progent being notified - invoiced only when needed
PROACTIVE Network Device Patching
Internet Facing Hardware - Managed Devices (Security appliances, firewalls, routers):
Internal Network Hardware - Managed devices (wireless controllers, Wi-Fi access points, switches):
Network Device Security SLA - Add-on service
Security Critical Patches - applied within 48 hours of Progent being notified - invoiced only when needed
Initial Patching Event Additional Costs:
Initial patching will be subject to an additional cost per server or network item to enable capture and documentation of current patch level and any other documentation necessary for properly providing the patching services as defined previously. If multiple patches are necessary that demand extra work for the initial patching, Progent will provide any estimates beyond the standard update cost.
Other Services Available:
Download Progent's Software Update Managed Services Datasheet
To download a datasheet describing Progent Software Update Managed Services, click:
Progent Patch Management Services Datasheet. (PDF - 330 KB)
Talk to a Progent Expert about Software/Firmware Update Management Services
To learn additional information about Progent's software/firmware update management services, call Progent at 800-993-9400 or go to Contact Progent.