BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Automating Scanner Updates

Posted September 15, 2011    Morey Haber

Software is written by people and inevitably has mistakes and requires maintenance. This maintenance can be in the form of security updates to patch vulnerabilities, service packs and hot fixes to correct functional problems, and general maintenance to cover required updates for signatures and other time-dependent functions. When working with security solutions, detection methods often rely on signature databases (of some sort) for identification, classification, and correlation of revenant data. As new threats emerge, these signatures need to be updated frequently and applied to the solution. These updates are commonly found in anti-virus tools, intrusion prevention solutions, and audit databases present in vulnerability assessment solutions. Verifying that your security tools have the latest approved releases helps identify emerging threats. Automating this maintenance and verifying the accuracy of the updates can be labor intensive and error prone if not properly managed. Referential integrity problems can occur if multiple deployments of the solution are all running different code bases.

For eEye solutions, Retina has a mature product for managing this problem. The Enterprise Update Server (EUS) is a back office utility for downloading updates (binary and audit) and managing them for distribution to all vulnerability assessment scanners, management consoles, and endpoint agents. This tool has the following enterprise-ready functionality:

  • Notification via email when updates are ready for download or have been applied to the distribution queue.
  • License key management for downloading updates to authorized installations.
  • Role-based access for distribution functions.
  • User auditing of update server features and login attempts.
  • SSL access for management and maintenance update distribution.
  • User selectable version control for updates.
  • Fully automated distribution of updates or manual procedures for integration into existing change control processes.
  • Support for internet proxies and tiering of multiple Enterprise Update Servers.
  • Support for fully or partially deployed air gapped networks (Off Line)

As illustrated above, EUS allows complete control of maintenance updates and versions for all eEye solutions. Users can select “To Always Use The Latest Version” or freeze a product, audit, or signatures at a specific version based on internal change control requirements. In addition, the solution ships as software or preloaded on eEye’s UVM20 Retina CS Management Console appliance for rapid deployment and a quick return on investment.

When it comes to automating and managing vulnerability assessment scanners and endpoint protection solution updates, eEye understands what it is to be enterprise ready. Our solutions have been deployed in installations with millions of assets and businesses with only a few IP addresses. Scaling to meet any requirements is critical and managing the versions of software you have deployed can be made simple using the extensive functionality found in the Enterprise Update Server.

For more information on the Enterprise Update Server and how eEye can help your business, please click here. We can help and have a proven track record in even the most demanding and complex environments.

Additional articles

Sudo_logo

Don’t Create a Different sudoers File for Each System

Posted May 20, 2015    Randy Franklin Smith

What if you have multiple Linux and/or Unix systems? Sudo management can become onerous and unwieldy if you try to manage a different sudoers file on each system. The good news is that sudo supports multiple systems.

password-safety

What Does Microsoft Local Administrator Password Solution Really Do?

Posted May 19, 2015    Morey Haber

LAPS is a feature that allows the randomization of local administrator accounts across the domain. Although it would seem that this capability overlaps with features in BeyondTrust’s PowerBroker Password Safe (PBPS), the reality is it is more suited for simple use cases such as changing the local Windows admin account and not much more.

Tags:
, ,
webinar_ondemand

On Demand Webinar: Securing Windows Server with Security Compliance Manager

Posted May 14, 2015    BeyondTrust Software

On Demand Webinar: Security Expert Russell Smith, explains how to use Microsoft’s free Security Compliance Manager (SCM) tool to create and deploy your own security baselines, including user and computer authentication settings.

Tags:
, ,