Download Patch Management: A Panel Discussion

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
Document related concepts

Construction management wikipedia , lookup

Transcript 
Stanford’s
Patch Management
Project
 Ced Bennett
May 17, 2004
Copyright Cedric Bennett 2004. This work is the intellectual property of the author. Permission is granted for
this material to be shared for non-commercial, educational purposes, provided that this copyright statement
appears on the reproduced materials and notice is given that the copying is by permission of the author. To
disseminate otherwise or to republish requires written permission from the author.
Technical Environment

45,000 hosts on Stanford network
 25,000 with various flavors of MS Windows
 Other’s are Unix, Linux, Mac
 Support
 Widely distributed
 Fairly uneven

High speed, high capacity network
 Multiple network feeds
 No perimeter firewall
 Limited filtering at border routers
Precipitating Event

MS RPC vulnerability and patch
 Announced on July 17, 2003
 NetBIOS ports already blocked at border
 “Blaster” attacks began around August 1
 Network attacks blocked at the border
 Multiple instances “walked around” border

After the dust settled




8,000 Windows platforms compromised!
Cost of repair / control > $1,250,000
Cost of lost work / productivity not calculated
Under control before students arrived
Black Cloud

Huge, costly, debilitating event
 Widespread concern
 President, Academic Senate, Administrators
Black Cloud  Silver Lining

Huge, costly, debilitating event
 Widespread concern
 President, Academic Senate, Administrators

Strategy for distributed platforms





Leverage that concern
Develop approaches to prevention
Obtain technical buy-in
Communicate and educate
Implement
Approach and Buy-In

Formed a cross-campus technical
task force
 Included technology leaders from
 Medical School, School of Engineering (Computer
Science), Graduate School of Business, Residential
Computing, Earth Sciences, Internal Audit, ITSS
 Developed the technical approach
 Patch management
 Configuration support
 Controlled network access

Created a Managed Host Security project
Patch Management Project

Product criteria developed by Task Force
 Multi-platform support
 Windows initial focus
 Ability to manage centrally
 But also provide for local control
 Ease of use
 Agent-based
 Strong security model

Examined marketplace alternatives
 Selected BigFix Enterprise Suite (BES)
Patch Management Project

Communication and education
An unpatched system…
… is a disaster waiting to happen!
Photo © 2004 Quantum Corp
(continued)
Patch Management Project

(continued)
Ordered server equipment
 Started working with interim equipment

Developed patch management processes
 Patch Testing
 Central and local responsibilities
 Local console operator training
 Exception handling
 Patch deployment

Agent deployment
 Managing with focus on local control
 Still underway
Related documents
Patch Clamp Technique
Patch Clamp Technique
Patching Information
Patching Information
The New Drug Patch Treatment
The New Drug Patch Treatment
Recent FDA-Approved Drugs 2001
Recent FDA-Approved Drugs 2001
PowerPoint
PowerPoint
Patches - carmelacanzonieri.com
Patches - carmelacanzonieri.com
AP Environmental Science Fall 2016
AP Environmental Science Fall 2016
The Role of Patched in Basal Cell Carcinoma
The Role of Patched in Basal Cell Carcinoma
Appetite Suppressant
Appetite Suppressant
extinct
extinct
Attending the Patch Test Clinic Department of Dermatology, Allergy
Attending the Patch Test Clinic Department of Dermatology, Allergy
Homework 7 Solution.pages
Homework 7 Solution.pages
Butrans Patch
Butrans Patch
Mechanisms involved in spatial and temporal mobility of disease
Mechanisms involved in spatial and temporal mobility of disease
A Novel Local Patch Framework for Fixing Supervised Learning
A Novel Local Patch Framework for Fixing Supervised Learning
divya kanvathirtha
divya kanvathirtha
Patch - University of California, Berkeley
Patch - University of California, Berkeley
Quality control
Quality control
2015 6345 hw1
2015 6345 hw1
Tobacco Treatment Medication Dosing Chart
Tobacco Treatment Medication Dosing Chart
Epidural Blood Patch - Intermountain Healthcare
Epidural Blood Patch - Intermountain Healthcare
summer patch disease of lawn grasses
summer patch disease of lawn grasses