Patch Management: Problems and Benefits
Software update management is a vital and complicated process. Prompt and correctly managed updating maximizes cybersecurity, compliance, uptime, and capability. Haphazard patch management can result in security gaps, compatibility issues, sluggish or inconsistent responsiveness, unnecessary offline stretches, or loss of key functions. Patching entails more than periodic updates of an OS and applications for servers and user machines. Firmware patches can be a vital for peripheral devices such as printers and scanners, infrastructure appliances such as switches and Wi-Fi APs, and IoT devices like alarms and health monitors.
Progent's Patch Management programs can cover IoT devices such as sensors and health monitors
The update task can pose a number of challenges that can differ from one environment to the next. IT resources that could need patching can reside on site, in a public or private cloud, on the road, or in the homes of telecommuters. Environments may support a combination of Microsoft Windows, Linux, Apple, and Google operating systems and apps. Some updates can be installed programmatically and at virtually any scale with tools like Configuration Manager, Microsoft Intune, or Azure Automation Update. Others must be implemented manually. Patching for core resources must be timed to minimize business interruption. For some mission-critical environments, updates must be thoroughly validated prior to being applied to production.
Progent's managed services for software and firmware patch management offer businesses of any size a flexible and affordable solution for evaluating, validating, scheduling, applying, and tracking updates to your dynamic information network. Besides maximizing the safety and performance of your network, Progent's software and firmware update management services free up time for your in-house IT team to concentrate on crucial initiatives that return maximum business advantage to your information system.
Patch management is a closed-loop process critical to your risk management plan
Progent's Patch Management Activities
Progent offers regular and custom service packages for patch management. These managed services permit you to outsource a portion or all of your company's software update management tasks to an IT services firm with more than 20 years of background delivering network design, implementation, and support to businesses of all sizes worldwide. Progent works closely with your network managers to define the scope of the managed services you need. Services available from Progent for patch include:
- Inventory network assets: This can cover key platforms such as Exchange and SQL, web-facing physical and virtual servers, desktops and mobile endpoints, security appliances like firewalls, and network devices like switches and wireless access points.
- Select assets to be managed: Progent's experts will work with you to identify which of your network resources you choose for continuing software update management services. Progent provides a variety of standard programs that cover specific classes of items and Progent can also create custom service programs to accommodate your unique requirements.
- Deploy software update management tools: Progent is familiar with a broad range of software update tools and patch inventory reporting systems. Examples of utilities include Azure Update Management for cloud-hosted resources, Microsoft Configuration Manager for local resources, Intune for mobile devices, IT Glue for IT asset documentation, plus a selection of advanced AV products. Used together, these products allow you to deploy and monitor patches for IT assets residing in cloud environments, on site, on the road, at district offices, and in the houses of at-home workers.
- Determine patch currency and perform risk analysis of missing updates: Generally, environments with up-to-date patching are more secure and stable than those subject to sporadic updates. Still, occasionally patches are rushed into production and have the potential to disrupt essential business operations by introducing compatibility issues, system shutdowns, or confusing changes to user environments. Progent can assist you to assess which patches pose a risk to your company's network, or which updates should be assigned a high priority because they block a major cybersecurity attack. Progent's background providing update management services can assist your organization to administer a protected network without compromising productivity.
- Develop a patch management service program: Progent's team of experts can help in designing and managing a software update management service program that fits your business requirements. Progent offers pre-defined and custom software update management service programs and can assist with both automated and manual updating. Progent can handle mission-critical assets only, all updateable assets, or anything in between.
- Patch validation: Even the largest networks including Amazon AWS and Microsoft Azure have had widespread outages that resulted from updates that were not thoroughly tested before being applied to production environments. For businesses with zero room for service disruption, Progent can help create test environments that permit you to make sure that new patches will not cause stability issues for your IT system.
- Prioritize and schedule patches: Progent can assist you to decide which updates should be implemented quickly and which can be delayed so as to reduce business interruption. Some worldwide industry standards, like the Payment Card Industry Data Security Standard, require that critical security patches be installed inside a specified timeframe.
- Track patch history and status: Progent's standard patch management programs include the creation of a centralized knowledge base for tracking the update level of every monitored asset. This streamlines the task of finding where updates can be accessed and includes patch release dates, release advisories, and other important information required for a comprehensive update management solution.
- Troubleshoot update problems: Updates to some core resources such as an operating system or app server can cause unexpected compatibility or reliability problems, particularly with legacy or home-grown applications or older hardware. Progent has the breadth of experience to assist you to identify and mitigate problems that may appear as a result of implementing an update.
Software Update Management for Network Appliances from Cisco and Other Vendors
Software and firmware patches are regularly developed for network infrastructure devices like firewalls, routers, wireless controllers, and wireless access points. These patches typically are intended to improve cybersecurity, add or fix features, or mitigate stability and compatibility issues. Managing patches for these infrastructure devices can be a hassle, especially in mixed-vendor networks and systems that have a mixture of on-premises data centers, at-home workers, branch offices, and cloud-based resources. In addition to monitoring and accessing updates, network managers must verify that network devices have sufficient free disk storage and that updates are loaded cleanly and operate properly.
Progent has provided advanced support for Cisco networking products for over two decades and also can provide expertise for products from other major network companies such as Juniper, SonicWall, and WatchGuard. Progent's end-to-end services for patch management can help your organization to consolidate your software update system to include network appliances along with servers, desktop and mobile endpoints, applications, and Internet-of-Things items.
Progent can provide patch management support for infrastructure appliances from Cisco and other leading vendors
Progent's Regular and Specialized Software Update Management Plans
Progent offers a variety of standard patch management packages that include scheduled backup, extensive reporting, and documentation. Cost is determined by the type and number of entities enrolled. Additional services including building environments for initial software update testing are invoiced at normal rates. Custom packages are also offered and typically handle unique devices and/or apps.
PROACTIVE Server Software Update Management Services
On Prem or Private Cloud-hosted Server:
Microsoft Azure Cloud Servers Patch Management:
- Compliance scan of all Windows and Linux servers
- Update compliance assessment results for enabled machines
- Scheduled Patching and Maintenance Maintenance
- License & Asset reporting and management
- Managed Anti-Virus - Current AV system
- Initiate server backup once complete
- Additional Support Invoiced at time and material Rates
- IT Glue access management and asset documentation
On Prem or Virtual Workstation:
- ProSight Availability Monitoring
- OS & Third Party Patch Management
- Scheduled Patching and Preventative Maintenance
- Managed Anti-Virus - current AV system
- Hosted Anti-Spam - Spam Hero
- Additional Services Invoiced at time and material Rates
- IT Glue access management and asset documentation
BASIC Server Patch Management
Managed Patch both Physical and Virtual Servers:
On Premises or Virtual Workstation Patch Management:
Server or Workstation Security SLA - Add on service
Security Critical Patches - applied within 48 hours of Progent being notified - invoiced only when needed
PROACTIVE Network Device Patching
Internet Facing Hardware - Managed Devices (Security appliances, firewalls, routers):
Internal Network Hardware - Managed devices (wireless controllers, Wi-Fi access points, switches):
Network Device Security Service-Level Agreement - Add-on service
Security Critical Patches - applied within 48 hours of Progent being notified - invoiced only when needed
Initial Patching Event Additional Costs:
Initial updating will be subject to an additional cost per server or network device to enable review and documentation of current patch level and any more documentation required for properly providing the patching services as described previously. If multiple updates are needed that require extra time for the initial updating, Progent will provide any estimates beyond the normal patching cost.
Other Services Available:
Download the Patch Management Services Datasheet
To download a datasheet describing Progent Software Update Managed Services, click:
Progent Patch Management Services Datasheet. (PDF - 330 KB)
Contact a Progent Expert about Software/Firmware Update Management Solutions
To find out additional information about Progent's software/firmware update management offerings, call Progent at 800-993-9400 or visit Contact Progent.