This document discusses Ivanti's patch management solutions for enabling remote workers. It describes how the rise in remote work has increased security risks from unpatched systems. Ivanti offers several products that can help organizations continuously patch systems whether in the office or remote. These include Ivanti Patch for SCCM, Patch for Endpoint Manager, standalone patching, and Security Controls for comprehensive vulnerability management. The solutions allow organizations to securely patch remote desktops, servers, and other systems without requiring a VPN.
3. Who are we
Nicklas Isaksson
Sr. Sales Engineer
Peter Hensdal
Territory Manager – SE+FI
Pierre Blom
Regional Director- Nordics
4.
5. The Enterprise BeforeThe Enterprise Now
Internet
VPN
• Home Working Increase
• More Remote Meetings
• Maintain Productivity
• Additional Security
6. Enabling Your Remote Worker
Business Problems:
1. Increase in Remote Users
2. Saturated VPN connections
3. Business Continuity
IT Problems:
1. Keep Them Secure
2. Keep Them Productive
3. Deliver IT Services Remotely
4. Keep insight
7.
8. of attacks use publicly known
vulnerabilities in commercial
software that could be prevented
by regular patching.
Center for Strategic &
International Studies
“
”
75%
10. FIRST 5 CIS CONTROLS - #3
CIS & other agencies prioritize these five elements of cyber hygiene to significantly reduce security threats.
I n v e n t o r y a n d C o n t r o l o f H a r d w a r e A s s e t s
I n v e n t o r y a n d C o n t r o l o f S o f t w a r e A s s e t s
C o n t r o l l e d U s e o f A d m i n i s t r a t i v e P r i v i l e g e s
C o n t i n u o u s V u l n e r a b i l i t y M a n a g e m e n t
S e c u r e C o n f i g u r a t i o n
11. IN 2019 THE AVERAGE TIME FROM VULNERABILITY DISCLOSURE TO EXPLOIT IS NOW 14 DAYS
AND EVER DECREASING
GARTNER PREDICTS BY 2022 90% OF VULNERABILITIES EXPLOITED WILL BE KNOWN TO ADMIN
AT TIME OF EXPLOIT
WHY IS THAT?
• PATCHES NOT BEING ROLLED OUT FAST ENOUGH
• PATCH MANAGEMENT PROCESS IS A TIME CONSUMING ACTIVITY
• BAD GUYS GETTING BETTER AT EXPLOITING CODE
• COMPANIES NOT MANAGING RISK
• LACK OF SECURITY RESOURCE
THE ENEMY THAT IS TIME
13. Ivanti Patch Products
• Patch the datacenter and remote desktops
• Agentless or Agent based
• Support Windows, RedHat, CentOS
• VMware ESX and VM’s patching
• Standalone patch for local and remote desktops and servers
• Supports Windows, MacOS, Linux
• Add-on to Endpoint Manager
• Third-party patching for Microsoft SCCM
14. Which Ivanti solution would you like to know more about?
Patch for SCCM
Patch for EPM Patch intelligence
Security Controls
30. Internet
Cloud Service
Appliance(s)
No VPN Required
Patch compliancy insights
Centralized Patch Repository
Download patches over CSA or direct from Vendor
Secure Remote Worker Productivity
41. Remote Worker offer
Free offer until 31st October 2020
Additional support and insight to maintain control over your remote
workers.
Contact your Territory Manager for more information.
Peter.hensdal@ivanti.com or +46 705513920.
1
Discover Provide Insight Take Action
2 3
The CIS Critical Security Controls are a recommended set of actions for cyber defense that provide specific and actionable ways to stop today's most pervasive and dangerous attacks. A principal benefit of the Controls is that they prioritize and focus a smaller number of actions with high pay-off results.
The Controls are effective because they are derived from the most common attack patterns highlighted in the leading threat reports and vetted across a very broad community of government and industry practitioners. They were created by the people who know how attacks work - NSA Red and Blue teams, the US Department of Energy nuclear energy labs, law enforcement organizations and some of the nation's top forensics and incident response organizations - to answer the question, "what do we need to do to stop known attacks." That group of experts reached consensus and today we have the most current Controls.
The key to the continued value is that the Controls are updated based on new attacks that are identified and analyzed by groups from Verizon to Symantec so the Controls can stop or mitigate those attacks.
The Controls take the best-in-class threat data and transform it into actionable guidance to improve individual and collective security in cyberspace. Too often in cybersecurity, it seems the "bad guys" are better organized and collaborate more closely than the "good guys." The Controls provide a means to turn that around.
Extensive software catalog - Patch most vulnerable enterprise software titles
Native plug-in for SCCM - View third-party patches and control the patching process all from within the SCCM console.
No added infrastructure - Leverage your existing investment in SCCM by using the same mechanisms already in place for software patching.
Compliance reporting - Use SCCM reporting to view the status of the delivery of third-party patches.
Ease of use - Never leave the SCCM console to deploy third-party patches. A simple click deploys third-party software updates.
Pre-tested packages - Ivanti patching database leads the industry in extensive pre-download testing. Be confident in patching.
Let’s take a look at the Patching process
Build 1
We are software installed on a physical or virtual server
The console provides admin access to create and manage your Protect environment
Build 2
The server is connected to the internet
Build 3
New patches come out from MS and 3rd party companies
Build 4 – 5 - 6
The Ivanti content team creates the Patch Content XML
That XML is downloaded to the Protect server automatically
Build 7
Machine Groups allow you to organize the machines you want to manage
Build 8
The patch scan will find installed OS, MS applications and 3rd party apps
protect will determine what patches are missing and display as a list of missing patches for each machine
Build 9
The results of the scan can be viewed
Build 10
Patch for Windows will download the required patch files from the venders for you
They are downloaded to a central repository
Then deployed to each machine for installation. We are trying to minimum the total of reboots, installing as many patches as possible before a reboot is required.
Agentless works great if all the machines are always on and always connected. But what about laptops. By design, they are frequently disconnected from the work domain.
In some cases, a laptop may never be connected to the work domain. A Patch for Windows Agent can be installed, a policy defined, and the laptop can be managed.
The Agent will get the xml data from Ivanti automatically, scan the laptop using a Scan Template.
At a configurable time, the Agent will attempt to connect to the Patch for windows Console server. It would fail because of firewall security.
The Agent would then connect to the Ivanti Cloud.
The Agent will then upload any scan results or deployment information to the Ivanti Cloud.
The Agent would also check to see if the Policy had be changed or updated, and if yes, would download and reconfigure the Agent.
This is one way to please you Change Control Board – make all your software installations and updates automated and routine.
Automate large or especially regular projects
Software Distribution
Patching
Built in project management tools like Gantt Charts
Free Ivanti Cloud till 31st October, but “only” for existing customer.
This would allow the customer to remotely monitor and manage devices which is great now that people are working from home. It’s not a replacement for e.g. SCCM, but it could be a great tool for IT-departments who want an easy solution to manage devices in critical times. SCCM does not work that great for remote devices as it in most cases require a VPN tunnel (virtual connection to their corporate network) to manage the devices.
Ivanti Cloud
Customer Registration: https://go.ivanti.com/web-Free-Trial-Remote_Workers_Cloud-EN.html
https://www.ivanti.com/products/ivanti-cloud
Q: Where can customers find more technical information on Ivanti Cloud?
A: Information on how to get started with Ivanti Cloud, technical documentation, and other technical resources are available here: https://forums.ivanti.com/s/ivanti-cloud
Q: How can Ivanti Cloud help customers with their challenges of an expanded remote workforce?
A: Ivanti Cloud benefits:
Provide a common user experience for all levels of analysts that acts as a console to all data, alerts, automation, and actions.
Automate actions and triggers built or scripted that can point to resulting actions both in the cloud or on-prem.
See vulnerabilities in real-time like disabled Windows firewalls or encryption that isn’t turned on and take care of them with the click of a button.
Get insights from machine learning and AI by pulling data from across your organization
Resolve remote problems without a remote-control session for common issues like viewing a device’s task manager, starting and stopping services, troubleshooting a network outage, and executing scripts.
Remote-control nearly any desktop from any device with secure, browser-based access.