Slide 1

Download Report

Transcript Slide 1 

Lumension Security
PatchLink Security Management Console™ 6.4
Overview & What’s New
www.lumension.com
© Copyright 2008 - Lumension Security
Enterprise Security Visibility
Complete discovery and visibility into the security posture
of every networked asset in your enterprise
Identify all unmanaged and rogue devices that are susceptible to attack
including routers, printers, servers, laptops, switches, wireless access
points and more
Automatically deploy remediation agents to rogue machines
Central facilitation of network and agent based assessments and
remediation activities
www.lumension.com
2
© Copyright 2008 - Lumension Security
Centralized Policy Enforcement
Flexible and granular definition and enforcement of
vulnerability management policies across your entire
enterprise
Set minimum security thresholds that must be met by
each managed machine
If patch levels identified in the baseline policy do not exist
on the machine, the local agent will automatically request
and execute the appropriate patches
Machines are continually audited to ensure ongoing
compliance with corporate policy
www.lumension.com
3
© Copyright 2008 - Lumension Security
Aggregate Policy Compliance Reporting
Centralized Update server data
Compliance-based
Flexible reports
www.lumension.com
4
© Copyright 2008 - Lumension Security
Aggregate Policy Compliance Reporting
Executive Summary
Provides insightful and concise view of the
enterprise security posture
Allows for quick analysis of total vulnerabilities
and severity level
www.lumension.com
5
© Copyright 2008 - Lumension Security
Aggregate Policy Compliance Reporting
Top 20 Reports
Prioritize quickly to determine best
action plan
Extensive filtering enables userdefined granularity of vulnerability
information
Provides simple point & click
capability to quickly ascertain the
enterprise security posture relative
to common industry tracking
mechanisms
www.lumension.com
6
© Copyright 2008 - Lumension Security
Aggregate Policy Compliance Reporting
Tightly integrated Patch
Management and Vulnerability
Assessment reporting provides
clear view of vulnerabilities found
and vulnerabilities fixed
Easily determine the current status
of vulnerability and patched
systems
Time relative information is
synchronized between Harris and
Patchlink
www.lumension.com
7
© Copyright 2008 - Lumension Security
Improved Operational Efficiency
Eliminate waste from managing multiple interfaces or
tying together data from multiple, disjointed systems
Support for hierarchical implementations



Multiple ‘sub-consoles’ may be
deployed for centralized
collection and aggregation of
threat, remediation, audit and
inventory information
Reduces the effort required to
prepare consolidated reports in
support of IT policy or
regulatory compliance
Reduces conflicting
recommendations for mitigation
between multiple IT and
security organizations
www.lumension.com
8
© Copyright 2008 - Lumension Security
Key Features and Benefits
Flexible Architecture - Flat or Hierarchical implementations, with a single management
console instance or multiple consoles rolling up into a centralized, master console.
Common Criteria EAL2 Certified - The Common Criteria Evaluation and Certification
Scheme (CCS) Certification Body has asserted that PatchLink Security Management
Consoles complies with the all specified security requirements
Consolidated Views - Multiple scan and remediation reports can be merged together to
form a comprehensive security posture
Highly Scalable - Currently deployed by customers across hundreds of thousands of
endpoints.
Role-Based Administration - Delegate remediation and reporting activities to improve
productivity while maintaining security
Policy-Based Administration - Push out mandatory baseline policies to all endpoints
Standard Industry Classifications - Identified vulnerabilities are linked to common
industry vulnerability classifications like CVE, BugTraq and IAVA codes for easy
identification, analysis and remediation.
Comprehensive Reporting - Document changes and demonstrate progress toward audit
and compliance requirements with enterprise & local reporting of asset inventory, network
or agent-based scans, vulnerability remediation and much more
Global Installation Support - Inclusion of international date / time designations for
assessment and remediation activities and A4 support for report generation
www.lumension.com
9
© Copyright 2008 - Lumension Security
Sample Case Study #1
The Challenge
1.5M devices worldwide
Over 1,000 administrators with limited expertise and time
Inadequate tools for vulnerability assessment
No enterprise validation that the vulnerability management process
was being followed
Enterprise reporting was not automated
The Solution
Highly scalable solution deployed worldwide
Systems experience no disruption
90% savings in training time required
Automated enterprise IAVA reporting capability
Enterprise accountability and enforceability
www.lumension.com
Computer Network Vulnerability Management
10
© Copyright 2008 - Lumension Security
Sample Case Study #2
The Challenge
No standardization of vulnerability reduction process
350,000 devices / 26 regional locations
Accelerated deployment schedule
Quarterly reporting and expedited scanning
Unified buy-in required by regional and local levels
The Solution
Deployed within 100 days to entire enterprise
Enterprise wide buy-in achieved by deploying a fieldproven solution, backed by robust support and service
Deployed solution enabled standardized vulnerability
management process
www.lumension.com
11
© Copyright 2008 - Lumension Security
What’s New in Security Management Console 6.4.4?
Network Discovery of Windows Vista and Windows Server 2008
Network Assessment of Windows Vista
Agent Management Job
 The Ability to install or uninstall Agents to Windows Vista.
 The ability to install or uninstall Agents with authenticated proxy.
Compatible with Update 6.4
 Directory Services Groups
 Nested Groups
 Additional Agent data available in text-based reports
 On-demand Agent data retrieval from remote servers
Backwards compatibility with Update 6.1, 6.2 and 6.3
Configurable Ping
More robust Windows Network Discovery option
Internalization
 A4 support for Report Generation
 Date/Time support
www.lumension.com
12
© Copyright 2008 - Lumension Security
Broad Platform Support
OS / Version
Discovery
Assessment
3com / Router, Switch
x
BSD Unix / Net, Free, BSDI
x
Cisco / IOS, CatOS, PIX
x
Cisco VPN
x
Foundary / Router, Switch
x
HP / HP-UX 10.x and later
x
x
HP / Tru64 4.0F and later
x
x
IBM AIX
x
Juniper / JunOS
x
Linux / Fedora (6,7)
x
x
Linux / Mandriva (7.0, 7.1)
x
x
Linux / Red Hat (Enterprise 2.1, 3, 4, 5)
x
x
Linux / SuSE Open/Enterprise (9, 10.0, 10.1, 10.2, 10.3)
x
x
Nortel Switch
x
OpenBSD / 3.8 and later
x
Printers / Canon, Epson, Tektronix
x
Printers / HP Networked
x
Printers / Lexmark
x
Sun Solaris / 2.5 and later
x
Windows (generic)
x
Windows / 2000, XP, 2003, Vista
x
x
Windows / XP Embedded
x
X
Wireless Access Point
x
www.lumension.com
x
x
x
x
13
© Copyright 2008 - Lumension Security
Minimum Requirements
Processor Requirements:
Pentium® compatible 1 GHz
Memory Requirements:
512 MB RAM
Disk Capacity Requirements:
20 GB available disk space
Display:
Monitor resolution 1024 x 768
Operating System
Windows
Windows
Windows
Windows
www.lumension.com
2000 Server SP4
2000 Advanced Server SP4
XP Professional SP2
Server 2003 SP1
14
© Copyright 2008 - Lumension Security
Thank You
For more information, please call
United States: +1 480 970-1025 (option 1)
United Kingdom: + 44 (0) 1908 357 897
Luxembourg: + 352 265 354 11
Singapore: + 65 6725 6415
or visit us on the web at www.lumension.com
www.lumension.com
15
© Copyright 2008 - Lumension Security