eguide: Designing a Continuous Response Architecture 5 Steps For Windows Server 2003 End of Life Success

Similar documents
eguide: Designing a Continuous Response Architecture Executive s Guide to Windows Server 2003 End of Life

Whitepaper. Advanced Threat Hunting with Carbon Black

Extreme Networks Security Analytics G2 Vulnerability Manager

How To Protect Your Network From Attack From A Network Security Threat

Windows Server 2003 End of Support. What does it mean? What are my options?

Staying Secure After Microsoft Windows Server 2003 Reaches End of Life. Trevor Richmond, Sales Engineer Trend Micro

IBM Security QRadar Vulnerability Manager

Avoiding the Top 5 Vulnerability Management Mistakes

PCI DSS Top 10 Reports March 2011

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

Simplify Your Windows Server Migration

Securing OS Legacy Systems Alexander Rau

PCI DSS Reporting WHITEPAPER

Kaseya White Paper. Endpoint Security. Fighting Cyber Crime with Automated, Centralized Management.

Technology Blueprint. Protect Your Servers. Guard the data and availability that enable business-critical communications

Windows 7 Upgrade Risk Mitigation Planning: Ensuring Windows 7 Upgrade Success

Cloud and Data Center Security

Virtual Patching: a Proven Cost Savings Strategy

TOP 10 WAYS TO ADDRESS PCI DSS COMPLIANCE. ebook Series

A BETTER SOLUTION FOR MAINTAINING HEALTHCARE DATA SECURITY IN THE CLOUD

Provide access control with innovative solutions from IBM.

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION

Symantec Control Compliance Suite Standards Manager

Preemptive security solutions for healthcare

IBM Security IBM Corporation IBM Corporation

BEST PRACTICES. Systems Management.

Network Access Control in Virtual Environments. Technical Note

PCI Data Security Standards (DSS)

eguide: Designing a Continuous Response Architecture Disrupting the Threat: Identify, Respond, Contain & Recover in Seconds

YOUR DATA UNDER SIEGE: GUARD THE GAPS WITH PATCH MANAGEMENT. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next

Payment Card Industry Data Security Standard

Windows Server 2003 migration: Your three-phase action plan to reach the finish line

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA

Why you need an Automated Asset Management Solution

TRIPWIRE REMOTE OPERATIONS: STOP OPERATING, START ANALYZING

How To Buy Nitro Security

Enterprise Key Management: A Strategic Approach ENTERPRISE KEY MANAGEMENT A SRATEGIC APPROACH. White Paper February

WHITE PAPER AUTOMATED, REAL-TIME RISK ANALYSIS AND REMEDIATION

Altiris IT Management Suite 7.1 from Symantec

McAfee Server Security

FIVE PRACTICAL STEPS

How To Test For Security On A Network Without Being Hacked

Vulnerability Audit: Why a Vulnerability Scan Isn t Enough. White Paper

Devising a Server Protection Strategy with Trend Micro

Invincea Advanced Endpoint Protection

Reducing the cost and complexity of endpoint management

Kaseya IT Automation Framework

Compensating Security Controls for Windows Server 2003 Security

Boosting enterprise security with integrated log management

How To Monitor Your Entire It Environment

IBM Endpoint Manager for Server Automation

Devising a Server Protection Strategy with Trend Micro

Strategies for assessing cloud security

Trend Micro. Advanced Security Built for the Cloud

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

THE TOP 4 CONTROLS.

PROTECTED CLOUDS: Symantec solutions for consuming, building, or extending into the cloud

Advanced Threat Protection with Dell SecureWorks Security Services

Lumension Endpoint Management and Security Suite

Mapping Your Path to the Cloud. A Guide to Getting your Dental Practice Set to Transition to Cloud-Based Practice Management Software.

Integrated Threat & Security Management.

Virtual Patching: a Compelling Cost Savings Strategy

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

Maximizing Configuration Management IT Security Benefits with Puppet

Managing the Unpredictable Human Element of Cybersecurity

Cisco Security Optimization Service

Achieving Control: The Four Critical Success Factors of Change Management. Technology Concepts & Business Considerations

Safeguarding the cloud with IBM Dynamic Cloud Security

LOG MANAGEMENT AND SIEM FOR SECURITY AND COMPLIANCE

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief

Intelligent Laptop Virtualization No compromises for IT or end users. VMware Mirage

Best Practices for Building a Security Operations Center

Compliance Management, made easy

Reining in the Effects of Uncontrolled Change

Bringing Continuous Security to the Global Enterprise

Strengthen security with intelligent identity and access management

IBM Security Intrusion Prevention Solutions

FIREMON SECURITY MANAGER

Seven Practical Steps to Delivering More Secure Software. January 2011

Protecting Virtual Servers with Acronis True Image

BACKUP ESSENTIALS FOR PROTECTING YOUR DATA AND YOUR BUSINESS. Disasters happen. Don t wait until it s too late.

CORE Security and GLBA

Total Protection for Compliance: Unified IT Policy Auditing

Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

Brochure. Update your Windows. HP Technology Services for Microsoft Windows 2003 End of Support (EOS) and Microsoft Migrations

Transcription:

: Designing a Continuous Response Architecture 5 Steps For Windows Server 2003 End of Life Success

FAST FACTS Over 10 Million Windows Server 2003 Devices Still In Use Less Than 250 Days To Windows Server 2003 End-Of-Life 62% 62% Either Unable Or Unprepared To Upgrade EOL Devices. Introduction On July 14, 2015 Microsoft will end support for Windows Sever 2003 and Windows Server 2003 R2. Like Windows XP, Windows Server 2003 continues to be used and relied upon by organizations worldwide with as many 10 million Windows Server 2003 systems still in production. Once Windows Server 2003 has reached end-of-life, Microsoft will no longer deliver or develop security updates and critical patches. While many organizations are prepared and will be able to upgrade all impacted systems to Windows Server 2012 R2 by the deadline, as many as 62% of organizations will either be unable to or unprepared to upgrade all of these devices before this date, leaving as many as several million systems vulnerable to attack. Are you prepared? If you answered anything but a resounding YES, this eguide will provide you with 5 tips critical to a successful and affordable Windows Server 2003 EOL transition. The following five steps outline a path to meet these goals. 1. Don t Panic 2. Understand Your Risk 3. Develop an 2003 EOL Plan 4. Set a Realistic Timeline 5. Be Proactive Average EOL Migration Takes 200 Days 2

1 Don t Panic If you do not yet have a 2003 End of Life Plan, don t panic. First, you re not alone. Second, rushing directly into action without having first thoroughly assessed your risk and difficulty associated with migration is a recipe for disaster. Instead, take a deep breath and know that regardless or your end-of-life risk or application migration difficulty there are solutions, services, and options available to ensure your organization remains protected. This eguide will help you understand your risk and determine what solution or combination of solutions make the most sense for your organization. 3

2 To properly understand the potential impact Window Server 2003 EOL, you first need to understand your risk and exposure. Understand Your Risk To do this you need to understand: + + How many Windows Server 2003 devices do I have? + + How many contain or connect to critical, sensitive, or regulated data? + + How many are running Windows Server 2003 dependent software and can not be easily migrated? + + How many are aging devices and would need to be upgraded to run a different OS? + + How much time is needed to recompile and reconfigure any custom applications to run on Windows Server 2012? + + How much would it cost to purchase extended support on all of these devices? Is there budget? While every organization would like to be running the latest supported operating system releases and have a rapid and trusted patch management system in place to ensure continuous OS security, that simply is not possible for most organizations. Application specific requirements, aging hardware, budget constraints, limited human resources, and the rapid rate of patch releases makes this impossible for even the smallest of organizations. Whether you are running 10 servers or 10,000 servers, chances are you oversee a heterogeneous environment with multiple operating system releases, different hardware profiles, and a combination of legacy and modern software. With 10 million devices still running Windows Server 2003, chances are pretty good that more than a few of the machines in your environment are still running Windows Server 2003. Only after you have this information, can you begin to understand the risk, difficulty and cost associated with upgrading or extending the life of your Windows Server 2003 machines. Unpatched 2003 systems will lead to zero-day forever scenarios that is, there will be no patches for zero-day attacks so new vulnerabilities will never be remediated. Without updates and patches, you may be cited for noncompliance and/or failure to pass assessment and regulatory audits. Here is Microsoft s official position on this topic: Unsupported and unpatched environments are vulnerable to security risks. This may result in an officially recognized control failure by an internal or external audit body, leading to suspension of certifications, and/or public notification of the organization s inability to maintain its systems and customer information. This statement is absolutely true but with proper planning ahead of time there are compensating controls that can be put in place to ensure the security and continued compliance of these systems. With Microsoft custom support estimated to cost $200,000/year on average, IT managers would be wise to look into other compensating control options, such as application whitelisting, to ensure continued security and compliance of these systems. Understanding the scope of your migration and identifying which devices will not be able to be upgraded early and what compensating control options are available is key to help you develop an comprehensive and achievable plan to Windows Server 2003 EOL success. 4

3Develop a 2003 EOL Plan Having a firm understanding of your organizational risks and having identified which devices will be upgraded and which will require extended compensating controls, you are now in a position to develop a plan to Windows Server 2003 EOL success. As you begin to develop a plan for your Windows 2003 server migration, there are a couple tips you will want to keep in mind. DON T DO IT ALONE Ensuring a smooth EOL transition will require full buy-in and agreement from any and all impacted stakeholders. This means taking time to not only pull together the technical and project management resources required to execute the project, but also stakeholders from impacted business units and the budgeting finance team. DEDICATE TIME FOR PROJECT SCOPING The average migration project will take over 200 days to implement. The better you understand the project and potential pitfalls early on, the more likely you will be able to meet critical deadlines and avoid budget overruns. WORK WITHIN YOUR BUDGET No matter how good a plan you have developed, without the necessary budget and resources the project will never get off the ground. Ensuring you have a realistic and sufficient budget allocation must be a top priority. Properly scoping potential project risks, identifying compensating controls and hardware upgrades, and building buy-in for human resource requirements necessary will help you work within your budget and if needed, assemble executive support for additional funding. 5

4Set a Realistic Timeline With July 14, 2015 fast approaching, it can be tempting to set overly aggressive timelines built around the EOL date, rather than realistic capabilities of your organization. When not aligned with reality, aggressive timelines can lead to sloppy mistakes, budget overruns, and unnecessary frustration. If you team is not realistically capable of completing a migration project prior to July 14, 2015, don t try and meet this deadline. While Microsoft will end support for Windows Server 2003 on July 14, 2015, there are affordable compensating controls, such as Bit9 + Carbon Black, that you can leverages as a permanent or temporary measure to extend the life of these systems beyond July 14, 2015. 6

5Be Proactive While the goal of any Windows Server 2003 EOL plan should be to upgrade as many 2003 devices as possible, this will not be possible for all devices. Recognizing this fact early and building in budget and an implementation plan for proactively deploying compensating controls into your EOL plan is highly recommended. This will ensure sufficient time to deploy new controls and ensure 100% coverage for impacted systems, avoiding the need for a costly lastminute custom Microsoft support agreement. The Bit9 Security Platform is an example of an industry leading advanced security solution that your organization can deploy as a compensating security control in lieu of regular patching and updates that are no longer available from Microsoft. Bit9 extends the security posture and protects your Windows Server 2003 devices from breach and data compromise past the end-of-life date by ensuring only trusted software is allowed to run. With Bit9, your Windows Server 2003 systems will remain compliant because the solution provides: + + Complete visibility into everything that is happening on every in-scope server and endpoint so you can measure compliance and risk. + + Automated, real-time detection of zero-day and advanced threats. + + A change history and full audit trail of all server and endpoint activity including real-time compliance risk measurement and reporting of your in-scope systems, including those which are no longer supported. This reporting provides the actionable intelligence to monitor compliance, identify any unexpected activity or event, and proactively improve the security posture. + + Prevention to stop advanced threats and other forms of malware from executing, including targeted, customized attacks that are unique to your organization. + + Integration across the existing security infrastructure to understand enterprise-wide compliance risk and exposure. Trusted by more than 1,000 organizations, including 25 of the Fortune 100, to protect their corporate endpoints and servers, Bit9 is a proven solution that can be affordably implemented to ensure the continued security of your Windows Server 2003 devices beyond end of life. 7

: Designing a Continuous Response Architecture ABOUT BIT9 + CARBON BLACK The combination of Bit9 + Carbon Black offers the most complete answer to the newer, more advanced threats and targeted attacks intent on breaching an organization s endpoints. This comprehensive approach makes it easier for organizations to see and immediately stop advanced threats. Our solution combines Carbon Black s lightweight endpoint sensor, which can be rapidly deployed with no configuration to deliver incident response in seconds, and Bit9 s industry-leading prevention technologies. Benefits include: + Continuous, real-time visibility into what s happening on every computer + Real-time threat detection, without relying on signatures + Instant response by seeing the full kill chain of any attack + Protection that is proactive and customizable Bit9 + Carbon Black delivers a comprehensive solution for continuous endpoint threat security. This is why thousands of organizations worldwide from 25 Fortune 100 companies to small businesses use our proven solution. The result is increased security, reduced operational costs and improved compliance. 2014 Bit9 is a registered trademark of Bit9, Inc. All other company or product names may be the trademarks of their respective owners. 20141106 266 Second Avenue Waltham, MA 02451 USA P 617.393.7400 F 617.393.7499 www.bit9.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information