BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Automating Scanner Updates

Posted September 15, 2011    Morey Haber

Software is written by people and inevitably has mistakes and requires maintenance. This maintenance can be in the form of security updates to patch vulnerabilities, service packs and hot fixes to correct functional problems, and general maintenance to cover required updates for signatures and other time-dependent functions. When working with security solutions, detection methods often rely on signature databases (of some sort) for identification, classification, and correlation of revenant data. As new threats emerge, these signatures need to be updated frequently and applied to the solution. These updates are commonly found in anti-virus tools, intrusion prevention solutions, and audit databases present in vulnerability assessment solutions. Verifying that your security tools have the latest approved releases helps identify emerging threats. Automating this maintenance and verifying the accuracy of the updates can be labor intensive and error prone if not properly managed. Referential integrity problems can occur if multiple deployments of the solution are all running different code bases.

For eEye solutions, Retina has a mature product for managing this problem. The Enterprise Update Server (EUS) is a back office utility for downloading updates (binary and audit) and managing them for distribution to all vulnerability assessment scanners, management consoles, and endpoint agents. This tool has the following enterprise-ready functionality:

  • Notification via email when updates are ready for download or have been applied to the distribution queue.
  • License key management for downloading updates to authorized installations.
  • Role-based access for distribution functions.
  • User auditing of update server features and login attempts.
  • SSL access for management and maintenance update distribution.
  • User selectable version control for updates.
  • Fully automated distribution of updates or manual procedures for integration into existing change control processes.
  • Support for internet proxies and tiering of multiple Enterprise Update Servers.
  • Support for fully or partially deployed air gapped networks (Off Line)

As illustrated above, EUS allows complete control of maintenance updates and versions for all eEye solutions. Users can select “To Always Use The Latest Version” or freeze a product, audit, or signatures at a specific version based on internal change control requirements. In addition, the solution ships as software or preloaded on eEye’s UVM20 Retina CS Management Console appliance for rapid deployment and a quick return on investment.

When it comes to automating and managing vulnerability assessment scanners and endpoint protection solution updates, eEye understands what it is to be enterprise ready. Our solutions have been deployed in installations with millions of assets and businesses with only a few IP addresses. Scaling to meet any requirements is critical and managing the versions of software you have deployed can be made simple using the extensive functionality found in the Enterprise Update Server.

For more information on the Enterprise Update Server and how eEye can help your business, please click here. We can help and have a proven track record in even the most demanding and complex environments.

Additional articles

red-thumbprint

Why big data breaches won’t always be so easy

Posted September 19, 2014    Byron Acohido

This blog post is republished with the permission of ThirdCertainty. See the original post here. – By: Byron Acohido, Editor-In-Chief, ThirdCertainty Some day, perhaps fairly soon, it will be much more difficult for data thieves to pull off capers like the headline-grabbing hacks of Home Depot and Target. That’s not a pipe dream. It’s the projected outcome…

Tags:
, , , , ,
pbps-blog2

8 Reasons Your Privileged Password Management Solution Will Fail

Posted September 18, 2014    Chris Burd

Leveraging complex, frequently updated passwords is a basic security best practice for protecting privileged accounts in your organization. But if passwords are such a no-brainer, why do two out of three data breaches tie back to poor password management? The fact is that not all privileged password management strategies are created equal, so it’s critical…

Tags:
, , , , , ,
pbps-customer-campaign-image

You Change Your Oil Regularly; Why Not Your Passwords?

Posted September 11, 2014    Chris Burd

There are many things in life that get changed regularly:  your car oil, toothbrush and hopefully, your bed sheets.  It’s rare that you give these things much thought – even when you forget to change them. But what if you’re forgetting something that can cost you millions of dollars if left unchanged for long periods…

Tags:
, , ,