Lumension Endpoint Management and Security Suite




Lumension Endpoint Management and Security Suite
Patch and Remediation Module Evaluation Guide
July 2012, Version 1.1
Copyright 2009, Lumension

L.E.M.S.S: LPR - Table of Contents

Introduction
Module Description
Objective
Evaluation Scenarios
Prepare Test Environment
Scan Your Endpoint Environment
Remediate Selected Vulnerabilities
Deploy Software to Endpoints
Create a Mandatory Baseline
Set up Hours of Operation and Wake-on-LAN
Reporting
Evaluation Wrap-up

Introduction

This document is designed to assist you in implementing the Lumension Endpoint Management and Security Suite (L.E.M.S.S.) Patch and Remediation Module and to use it as an ongoing record of your observations and feedback during the evaluation process.

Module Description

Lumension Patch and Remediation is the market-leading solution that identifies and patches vulnerabilities across the entire organization, supporting heterogeneous operating systems, configurations and all major 3rd party applications, and managed through a single console. Lumension Patch and Remediation seamlessly integrates with Lumension Endpoint Management and Security Suite, which simplifies endpoint management and control and reduces TCO by consolidating different product modules into a single console, server and agent platform architecture.

Lumension Patch and Remediation provides:

- Heterogeneous OS support for easy patch and remediation administration across multiple platforms: Windows, Unix, Linux and Mac OS.
- The industry's broadest third party vulnerability content available, including the largest repository of Adobe vulnerability content.
- Integrated asset discovery for full network visibility and continuous control across both physical and virtual environments.
- Automated policy baselines to ensure that patches, configurations, remediations, and other tasks are continuously enforced.
- Enhanced Wake-on-LAN to ensure complete control over the patching process, provide flexibility for when patches are deployed and to bring powered down systems back online to ensure that critical patches and software updates are successfully deployed.
- Power management reporting to effectively demonstrate power consumption savings and to provide necessary information to apply for utility rebate programs through local utility providers. [1]
- Patented Fingerprinting [2] technology which determines whether an endpoint is patched or un-patched across a variety of OSes and applications.
- Extensibility and customization via Lumension Content Wizard including power policy management, software deployment and removal, desktop configuration templates and custom task scripting.
- IT risk management integration via Lumension Risk Manager to automatically assess controls and potential deficiencies for IT risk management prioritization and compliance reporting.

Lumension Patch and Remediation uniquely addresses the 3 main challenges you face in regards to the tidal wave of software vulnerabilities that exist in your organization:

1. Accurately identifying and analyzing all the software vulnerabilities on all endpoints, physical or virtual, online or offline;
2. Rapidly patching vulnerabilities with minimal user impact;
3. Monitoring patch efficacy and demonstrating policy compliance.

[1] This is a separately licensed capability available through Lumension Patch and Remediation.
[2] U.S. Classification: 713191000; 717168000; 717174000; International Classification: G06F011/30; G06F009/44; G06F009/445

Objective

The goal of this evaluation guide is to assist you in implementing Lumension Endpoint Management and Security Suite (L.E.M.S.S.): Patch and Remediation and to guide you through the evaluation process. We recommend that you implement this solution on a small group of endpoints. The task list includes the following:

1. Prepare test environment
2. Scan your endpoint environment
3. Mitigate the threat: remediate selected vulnerabilities
4. Create a mandatory baseline
5. Set up Hours of Operation and Wake-on-LAN

Evaluation Scenarios

Prepare Test Environment

Business Context: Install the L.E.M.S.S. software onto the server and L.E.M.S.S. agent onto a small group of endpoints, per the L.E.M.S.S. platform evaluation guide. Once installed, create an additional Patch Administrator role for someone to be in charge of Patch and Remediation policies. Next, deploy the Patch agent plugin to endpoint agents. Finally, create a custom group for test endpoints.

Expected Outcome: L.E.M.S.S. and the Patch module are fully operational and ready for evaluation on the server and a small group of endpoints. A new role has been defined on the server for the purpose of enforcing IT security and administration of Patch and Remediation policies. A custom group of endpoints has been created for group management purposes.

Create Patch Administrator role

1. Navigate to Tools > Users/Roles and select the Roles tab
2. Click the Create button
3. Enter a name for the role (e.g. Patch Manager) and use the Manager role as a template
4. On the access rights tab remove all rights in the Jobs, content, antivirus, device control, application control, and application library sections
5. Click OK
6. Verify that the new role was created
7. Go to the Users tab and click Create
8. Click Next and enter the user name PatchManager
9. Enter any password you like and select the newly created role
10. Click Finish
11. Verify that the new user has been created

Deploy Patch Agent Plugin

1. Navigate to Discover > Assets to perform an asset discovery by computer name or IP range
2. Based on the results of the asset discovery, install the patch agent plugin on a small group of endpoints.
3. Review the results of the job
4. Verify that the agent plugin is installed.

ENDPOINT TASKS

1. Check endpoint performance and CPU utilization
2. Launch the Agent Control Panel and verify that the Patch module agent plugin was installed successfully.

REVIEW RESULTS

Create Custom Group for Endpoints

1. Navigate to Manage > Groups and select the Group Membership view
2. Select Custom Groups in the Group Browser section
3. Click the Create button
4. Enter a name for the group called Public Use Desktops and save
5. Click Public Use Desktops, then change the view to Endpoint Membership
6. Click the Manage button
7. Select the endpoints for the group then click the Assign button
8. Once all endpoints are assigned, click the OK button

Scan Your Endpoint Environment

Business Context: With over 30,000 known software vulnerabilities, accurately identifying and analyzing all of the possible threats to all of your computers can appear to be an insurmountable challenge. In this task, you will scan your computer for any known vulnerabilities.

Expected Outcome: Lumension Patch and Remediation returns all the vulnerabilities identified on the scanned assets, both physical and virtual, online. Vulnerabilities include security configurations, OS and application vulnerabilities, patch-level related vulnerabilities, and P2P software checks.

Lumension Patch and Remediation supports all major OS platforms (Windows XP to Windows 7 and Server 2008 R2; Linux; MacOS; Sun Solaris; HP; etc.). LPR also addresses all your software application vulnerability patching needs to strengthen your endpoint security posture.

1. Open the LEMSS HomePage from any compatible web browser.
2. Navigate to Manage > Groups and select the custom group previously created
3. Right click and set your view to Vulnerabilities
4. Review: the Vulnerabilities view provides a scorecard of vulnerabilities against the number of applicable machines.

The Vulnerabilities view shows a list of all of the vulnerabilities that the agent discovered from its latest internal machine scan, per the filtering criteria as defined in the filter options in the upper right hand corner. Lumension Patch and Remediation provides an automated mechanism for gathering software updates from most leading operating system and application developers, with multiple thousands of vulnerability signatures currently available, ensuring broad coverage for today's heterogeneous environments.

REVIEW RESULTS

Remediate Selected Vulnerabilities

Business Context: Once the identification and analysis is complete, you may discover a sizeable number of known vulnerabilities that could afford cybercriminals a means to penetrate your environment. How do you effectively remediate all of these threats in order to dramatically improve your risk posture and avoid costly, embarrassing attacks? Get ready to deploy patches to all affected endpoints. You'll want to prioritize your remediations by groups, business impact, and level of importance of the patches. Use LEMSS to deploy the latest Patch Tuesday security releases.

Expected Outcome: Once vulnerabilities have been identified and analyzed, you can remediate them easily by using the Lumension Patch and Remediation deployment wizard. All critical and recommended updates (shown as "vulnerable") will be deployed and installed on all common-use computers. Additionally, for a specified group or individual endpoint, review the Vulnerabilities list to see what is missing and schedule these deployments as well.

1. On the Manage > Groups Vulnerabilities page view, check the box next to the vulnerability name and click the Deploy button.
2. Click Next to enter the wizard.
3. Within the wizard, the system has already identified the vulnerable computers that require the patch for the selected vulnerability.
4. Continue to click Next to move through the wizard to show
   a. Deployment Options
      i. How you can select the date and time of deployment
      ii. How you can set bandwidth throttling to control how many agents can communicate with the server simultaneously. (Note: you must name the deployment to move to the next screen)
   b. Package Deployment Order and Behavior
      i. Ability to auto-qchain patches together
      ii. Control of whether computers are to be rebooted
   c. Notification Options
      i. Ability to notify users of deployments and provide them with the ability to delay deployments for a period of time that you define.
5. At the end of the wizard process, the Deployment Confirmation screen appears. The deployment is now ready to be scheduled. This means that each agent now picks up its deployment the next time it checks in with the server.
6. The flexibility of the Wizard allows the administrator granular control over all aspects of the deployment, or the ability to simply accept the system defaults and deploy patches with a few mouse clicks.

ENDPOINT TASKS:

1. Navigate to and log on to your endpoint in the custom group
2. Once deployments are completed, verify that the endpoint has been updated and is working properly
3. Confirm that the patches were installed.

REVIEW RESULTS:

Log on to the L.E.M.S.S. endpoint management console to verify that the patches have been deployed successfully.

Deploy Software to Endpoints

Business Context: Install the latest software, such as Firefox or Chrome web browsers, Adobe Reader, etc. to ensure all endpoints are up to date with the most recent version.

Expected Outcome: The latest version of the selected software, such as Firefox or Chrome, will be installed on all common-use computers.

1. Run a Discover Applicable Updates task in your group of endpoints
2. Create a deployment based on Software Installers for the group (use Mozilla Firefox, Google Chrome or any other applicable application)
3. Review the progress of deployments as they are delivered to endpoints.

ENDPOINT TASKS

1. Navigate to and log on to your endpoint in the custom group.
2. Once deployments are completed, verify that the endpoint has been updated and is working properly
3. Confirm that the application was installed.

REVIEW RESULTS

1. Log on to the L.E.M.S.S. endpoint management console and verify that the software installation was successful.

Create a Mandatory Baseline

Business Context: Once endpoints have been patched and properly configured per your business policy, you'll want to ensure that endpoints will remain in this compliant state as well as allow new endpoints in your environment to adopt the same configuration rules. Lumension Patch and Remediation utilizes mandatory baselines to accomplish this goal.

Mandatory baselines represent the absolute minimum set of content or locally-created distribution packages that must be installed on a group's endpoints. Baselines continually verify that the applicable content items are installed on group endpoints. If a group endpoint is found in a Non-compliant state (does not have an item defined in the baseline installed), L.E.M.S.S. automatically deploys the applicable content until the endpoint is once again compliant. For example, you can set a Mandatory Baseline for all endpoints within a group that must have Microsoft Windows Messenger installed. If Messenger is deleted on a group member's endpoint, L.E.M.S.S. reinstalls Messenger.

Expected Outcome: After content items are added to a group's Mandatory Baseline, Lumension Endpoint Management and Security Suite schedules a series of scans and deployments until the group complies with the baseline. Your endpoints will maintain their patched status and configuration per your business policy, and new endpoints that are added to your endpoint environment will be configured to reflect the mandatory baseline.

1. Navigate to Manage > Groups
2. Select your custom group Public Use Desktops
3. Right click on your group and change the view to Mandatory Baseline
4. Click on Manage to build your Mandatory Baseline
5. From the bottom of the screen, select the vulnerabilities or content you would like to add to your Mandatory Baseline
6. Click Assign, then OK when done

ENDPOINT TASKS

1. Navigate to and log on to your endpoint in the custom group.
2. Once deployments are completed, verify that the endpoint has been updated and is working properly.
3. Confirm that the endpoint complies with the baseline.

REVIEW RESULTS

1. Log on to the L.E.M.S.S. endpoint management console and verify that the endpoints are compliant with your business policy.

Set up Hours of Operation and Wake-on-LAN

Business Context: Performing maintenance tasks on endpoints can have a tremendous impact on business operations if performed during regular business hours. Users will be inconvenienced and have downtime, while maintenance tasks could negatively impact network performance. However, if you set up Hours of Operation for each user group, you can schedule maintenance tasks during off-hours and don't have to impact your user community. Since many machines may be powered down during off-hours due to power conservation policies, waking up these machines prior to deploying patches and performing maintenance will be critical.

Expected Outcome: Your groups of endpoints will be set up to follow group-specific hours of operation. When performing maintenance tasks on these endpoint groups, you will be able to schedule them during off-hours and take advantage of Enhanced Wake-on-LAN to wake up any offline machine and power them down again once maintenance is complete. As a result, you will minimize business disruptions and thus improve the productivity of your organization.

1. Navigate to Manage > agent Policy Sets
2. Click on Create to generate a new policy
3. Scroll down to the Patch agent Communication section and click on the Define button to enter the Hours of Operations configuration window
4. You can select the Day or time to set the operational hours
5. You can set the Hours of Operations in 30 minute increments, 24 hours a day, 7 days a week
6. The areas in red are the times when the agent will be asleep and not communicating to the server.
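The mandatory baseline and Hours of Operation behaviour described above, combined in a small Python model. This is an added example, not Lumension code and not a L.E.M.S.S. API: the item names, hostnames and schedule are constructed, and it assumes, following the guide's description, that an agent only receives deployments when it checks in during its operational hours. It shows that baseline drift occurring while agents are asleep stays unremediated until the next window opens.

```python
"""Conceptual model of a mandatory baseline enforced inside hours of operation."""
from dataclasses import dataclass, field

SLOTS_PER_DAY = 48                    # the guide's 30-minute increments
SLOTS_PER_WEEK = 7 * SLOTS_PER_DAY    # 24 hours a day, 7 days a week


def slot(day, hour, minute=0):
    """Slot number within the week; day 0 is Monday."""
    return day * SLOTS_PER_DAY + hour * 2 + minute // 30


def awake_slots(windows):
    """Expand (day, (h, m) start, (h, m) end) windows into the set of slots
    in which the agent may talk to the server. The end time is exclusive."""
    awake = set()
    for day, start, end in windows:
        awake.update(range(slot(day, *start), slot(day, *end)))
    return awake


@dataclass
class Endpoint:
    name: str
    installed: set = field(default_factory=set)


def missing(baseline, endpoint):
    """Baseline items the endpoint lacks; an empty list means compliant."""
    return sorted(set(baseline) - endpoint.installed)


def enforce(baseline, endpoints, awake, first_slot, slots, events=None):
    """Step through `slots` consecutive 30-minute slots from `first_slot`.
    In an awake slot every endpoint checks in and receives whatever baseline
    items it lacks; in an asleep slot nothing is deployed. `events` maps a
    slot to a callable that mutates the endpoint list (constructed drift).
    Returns the deployment log as (slot, endpoint name, item) tuples."""
    events = events or {}
    log = []
    for s in range(first_slot, first_slot + slots):
        if s in events:
            events[s](endpoints)
        if s % SLOTS_PER_WEEK not in awake:
            continue
        for ep in endpoints:
            for item in missing(baseline, ep):
                ep.installed.add(item)
                log.append((s, ep.name, item))
    return log


def demo():
    # Constructed sample data: item names and hostnames are placeholders.
    baseline = ["browser-update", "os-security-rollup"]
    group = [Endpoint("kiosk-01", {"os-security-rollup"}),
             Endpoint("kiosk-02", set(baseline))]
    # Agents are awake Monday to Friday, 22:00 to 24:00, and asleep otherwise.
    awake = awake_slots([(d, (22, 0), (24, 0)) for d in range(5)])
    events = {
        # Tuesday 08:00 (asleep): a baseline item is removed from kiosk-02.
        slot(1, 8): lambda eps: eps[1].installed.discard("browser-update"),
        # Saturday 09:00 (asleep): a new endpoint joins the group.
        slot(5, 9): lambda eps: eps.append(Endpoint("kiosk-03")),
    }
    # Simulate 8 days from Monday 20:00 so the following Monday is reached.
    log = enforce(baseline, group, awake, slot(0, 20), 8 * SLOTS_PER_DAY, events)
    return log, group
```

In the constructed run, the endpoint added on Saturday morning is not brought to baseline until Monday 22:00, a 61-hour gap to weigh when choosing narrow operational hours.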

ENDPOINT TASKS

1. Navigate to and log on to your endpoint in the custom group.
2. Once deployments are completed, verify that the endpoint has been updated and is working properly.
3. Confirm that the endpoint complies with the baseline.

REVIEW RESULTS

1. Log on to the L.E.M.S.S. endpoint management console and verify that the endpoints are compliant with your business policy.

Reporting

Business Context: With mounting pressure to comply with internal security policies and external regulations, identifying and removing vulnerabilities is no longer enough. Now you must be able to prove ongoing patch efficacy and easily report on all aspects of your vulnerability management process.

Expected Outcome: Lumension Patch and Remediation enables you to prove the effectiveness of your vulnerability management process through ongoing patch monitoring and rapid, flexible report generation.

The agent continuously scans the machine to determine the efficacy of the remediation activities it has performed, on a pre-defined schedule set by the administrator. The information from these DAU (Discover Applicable Update) scans is propagated to the server(s), where it is available for analysis and reporting. Powerful and flexible reporting options are available to both assist in the vulnerability management process and prove compliance with internal security policies and external regulatory requirements.

1. Access the report window by navigating to the Reports tab.
2. Reports are arranged by categories for easy reporting. By selecting the individual categories, the various reports are displayed. Or, of course, you can list all for an alphabetical listing.
3. In the reports window that opens, the Patch and Remediation server contains 29 standard application report templates that provide a wide range of information on vulnerabilities, deployments and policy compliance, with multiple configurable items and a description of the type of report and the export type as well.
4. Click on the Deployment Summary Report. The flexible structure of the report template allows for the selection of a wide range of criteria at different levels of aggregation.
5. Select all Available Deployments by clicking on the 2 downward pointing arrows and click Generate Report to run the report.

Evaluation Wrap-up

Lumension Endpoint Management and Security Suite: Patch and Remediation is a powerful role-based application that provides a wide range of capabilities, some that were not discussed, including detailed inventory assessments, software distribution, custom package creation, and many more.

In addition to Lumension Patch and Remediation, Lumension offers Lumension Content Wizard, which extends the capabilities of Lumension Patch and Remediation with custom scripting capabilities. The included Content Wizards cover custom detection, deployment, patching, and remediation of 3rd party and in-house content, as well as creating custom checks and remediation to detect and alleviate security risks and operational efficiency issues in your environment. Examples include: making sure AV is installed, distributing 3rd party patches, following application deltas, and more. LCW improves your operational efficiency by simplifying remediation package development and providing centralized deployment, management and reporting on all custom IT scripts.