Patch Management and

1

• Patch Management and
• HFNetChkPro 4.0
• Eric SchultzeDirector of Product
  DevelopmentShavlik Technologieseric_at_shavlik.com

2
Shavlik at a Glance

• Founded in 1993, Shavlik is a privately held,
  profitable, security products and consulting firm
  
• Mark Shavlik, founder, was an initial member of
  the Windows NT development team
• Continued deep Microsoft affiliation
• Shavlik created HFNetChk and Microsoft Baseline
  Security Analyzer (MBSA) for Microsoft
• HFNetChk technology has been licensed to
  Microsoft for use in MBSA and the SMS 2.0 SUS
  Feature Pack
• Eric Schultze, Shavliks RD director, was a
  member of the Microsoft Security Response Center
  (secure_at_microsoft.com), and the Microsoft
  Trustworthy Computing Team

"The Shavlik and Microsoft teams have
collaborated to create a strong security solution
that will help our customers operate more
securely. - Steve Lipner, Director, Microsoft
Windows Security
3
The Patch Management Topic

• Patches, Policies, Push to alleviate the pain
• Shavlik helps
• determine a patch has been released
• determine which patches are most important
• identify the machines that are in need of the
  patches
• deploy the patch to remote machines
• provide reports on the state of your network
  health
• enable accountability for who did what and when

4
Shavlik HFNetChk Products

• HFNetChk.exe Free command-line version
  available from multiple download sites
• Over 4 million downloads
• HFNetChkPro (Free Version) - fully-functional
  version of HFNetChkPro 4.0 with deployments to 10
  machines
• Over 75,000 registered users
• HFNetChkPro 4.0 Industry-standard, agent-less
  patch management solution
• Over 3,000 customers

5
Shavliks Patch Management Solution - HFNetChkPro

• HFNetChkPro is an agent-less patch management
  solution that enables administrators to manage
  extensive numbers of security patches on large
  networks from a central location
• An automated, advanced patch management tool
• Advises on patch importance and severity using
  extensive third-party information and customer
  information
• Quickly identifies missing security patches
  within hours of release of new security bulletins
• Securely pushes patches to trouble spots from
  centralized location as soon as an update is
  issued
• Provides significant time savings in dealing with
  the large number of security patches system
  administrators must manage

"Patching tasks that would take two systems
administrators the better part of a day are now
accomplished in 30 minutes." - Andrew Nielson,
Raytheon Technical Services.
6
HFNetChkPro Patch Management Workflow Model

1. Research, Rate and Rank
2. Test
3. Scan/Assess
4. Remediate (manage by patch or machine)
5. Validate
6. Report
7. Accountability

HFNetChkPro 4.0 is very intuitive, powerful and
complete. The products simplicity takes a
difficult and time consuming process patch
installation and deployment and turns it into
an effortless task. - Dan Lefebvre, senior
network administrator for Advanced Monolithic
Systems, Inc.
7
How HFNetChk relates to SUS and SMS Solutions

• Windows Update
• Agent-based solution for OS, IE, IIS, MDAC, JVM,
  etc
• SUS
• Corporate version of WindowsUpdate
• HFNetChk can assist with validation of SUS
  deployments and can provide reports on current
  patch status (whos patched, whos not)
• SMS 2.0 SUS Feature Pack
• Uses hfnetchk.exe (mbsacli.exe /hf) for
  assessment function
• HFNetChkPro assists by scanning machines not
  managed by SMS

8
Why Shavlik?

• Commitment work directly with the experts.
  Weve hired the best and brightest to build a
  superior product and offer great support
• Knowledge management we provide extensive
  information to save research time and help you
  understand the importance of each patch to your
  unique environment
• Third-party analysis provided real-time from
  TruSecure
• Includes Microsoft severity ratings, Bugtraq ID
  numbers and CVE ID numbers
• Five levels of custom-criticality options allow
  for efficient management of patches
• Patch and machine annotation for effective
  collaboration
• http//www.shavlik.com/bulletin_search.aspx

9
Why Shavlik?

• Shavlik utilizes patch data from XML database
  available for anyone to view, read, or use
• Shavlik products fully support TCP/IP
• Scan by Machinename, Domainname, IP Range, IP
  Address, input files, etc.
• HFNetChkPro 4.0 offers robust support for batch
  scripting and custom command lines. It also
  supports database output and history creation

10
Why Shavlik?

• HFNetChkPro 4.0 provides extensive accountability
  and patch management assurance
• HFNetChkPro 4.0 reports on the state of your
  network health
• Complete patch management history stored in an
  open SQL Server database that you can extend with
  your own reports
• Our solution automatically monitors compliance
  with patch management policies

11
Financial Impact

• HFNetChkPro 4.0 customers are experiencing
  drastic reductions in the time it takes to get
  patched
• "We are extremely impressed with the
  improvements HFNetChkPro 4.0 brings to our patch
  management process. Previously, patching servers
  and workstations had been sporadic with
  unreliable results, and tracking the patching
  process was impossible. Patch management was
  taking us over 20 hours a week.
• With Shavliks new HFNetChkPro 4.0, that work is
  done in just a few hours a week, and the results
  are more reliable. Also, the ability to provide
  comprehensive reports and executive summaries to
  our CIO saves our administrators significant time
  tracking and answering questions about progress
  against our patch management goals.
• - Jay Winks, systems specialist with Teksouth
  Corporation

12
On the Horizon

• FASTER
• Support for German, French, and Japanese patches
• Total control over reboot options
• Enhanced Support for Office patches
• Agents
• Charts / Graphs and Executive Reports
• Support for Unix and Linux patches

13
Contact Information

• Eric Schultzeeric_at_shavlik.com651-426-6624