BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Automating Scanner Updates

Posted September 15, 2011    Morey Haber

Software is written by people and inevitably has mistakes and requires maintenance. This maintenance can be in the form of security updates to patch vulnerabilities, service packs and hot fixes to correct functional problems, and general maintenance to cover required updates for signatures and other time-dependent functions. When working with security solutions, detection methods often rely on signature databases (of some sort) for identification, classification, and correlation of revenant data. As new threats emerge, these signatures need to be updated frequently and applied to the solution. These updates are commonly found in anti-virus tools, intrusion prevention solutions, and audit databases present in vulnerability assessment solutions. Verifying that your security tools have the latest approved releases helps identify emerging threats. Automating this maintenance and verifying the accuracy of the updates can be labor intensive and error prone if not properly managed. Referential integrity problems can occur if multiple deployments of the solution are all running different code bases.

For eEye solutions, Retina has a mature product for managing this problem. The Enterprise Update Server (EUS) is a back office utility for downloading updates (binary and audit) and managing them for distribution to all vulnerability assessment scanners, management consoles, and endpoint agents. This tool has the following enterprise-ready functionality:

  • Notification via email when updates are ready for download or have been applied to the distribution queue.
  • License key management for downloading updates to authorized installations.
  • Role-based access for distribution functions.
  • User auditing of update server features and login attempts.
  • SSL access for management and maintenance update distribution.
  • User selectable version control for updates.
  • Fully automated distribution of updates or manual procedures for integration into existing change control processes.
  • Support for internet proxies and tiering of multiple Enterprise Update Servers.
  • Support for fully or partially deployed air gapped networks (Off Line)

As illustrated above, EUS allows complete control of maintenance updates and versions for all eEye solutions. Users can select “To Always Use The Latest Version” or freeze a product, audit, or signatures at a specific version based on internal change control requirements. In addition, the solution ships as software or preloaded on eEye’s UVM20 Retina CS Management Console appliance for rapid deployment and a quick return on investment.

When it comes to automating and managing vulnerability assessment scanners and endpoint protection solution updates, eEye understands what it is to be enterprise ready. Our solutions have been deployed in installations with millions of assets and businesses with only a few IP addresses. Scaling to meet any requirements is critical and managing the versions of software you have deployed can be made simple using the extensive functionality found in the Enterprise Update Server.

For more information on the Enterprise Update Server and how eEye can help your business, please click here. We can help and have a proven track record in even the most demanding and complex environments.

Additional articles

PowerBroker for Unix & Linux helps prevent Shellshock

Posted September 25, 2014    Paul Harper

Like many other people who tinker with UNIX and Linux on a regular basis, BASH has always been my shell of choice.  Dating back to the early days moving from Windows to a non-Windows platform, mapping the keys correctly to allow easy navigation and control helped ensure an explosion of use for the shell. Unfortunately,…

Bash “Shellshock” Vulnerability – Retina Updates

Posted September 24, 2014    BeyondTrust Research Team

A major vulnerability was recently discovered within bash which allows arbitrary command execution via specially crafted environment variables. This is possible due to the fact that bash supports the assignment of shell functions to shell variables. When bash parses environment shell functions, it continues parsing even after the closing brace of the function definition. If…

pbps-blog3

7 Reasons Customers Switch to Password Safe for Privileged Password Management

Posted September 24, 2014    Chris Burd

It’s clear that privileged password management tools are essential for keeping mission-critical data, servers and assets safe and secure. However, as I discussed in my previous post, there are several pitfalls to look out for when deploying a privileged password management solution. At this point, you may be wondering how BeyondTrust stacks up. With that,…

Tags:
, , , , ,