Taming Patch Tuesday

On this February's "Patch Tuesday," Microsoft released its largest group of security bulletins in nearly a year, triggering a scramble to digest the deluge of new vulnerabilities and patches. While this month's batch of patches was one of the largest yet from Microsoft, the frantic race to understand the implications, prioritize updates and implement fixes before hackers can exploit vulnerable technology systems is not new to security administrators.

Increasingly, companies are looking to patch management vendors to get a leg up in this race and navigate through the labyrinth of patching. "It's not only the next virus or worm that keeps the IT manager sleepless at night, but also how to disseminate the remedy quickly across the entire user base in order to prevent or minimize damage," states Eric Paulak, vice president and research director for Gartner. "There is a definitive need in the market for a solution that would give IT departments both the ability to force users into compliance at the time of connections, as well as actively monitor the compliance status of their enterprise user base."

Endpoint Policy Management:
Shooting Down Viruses without Killing Productivity

Fortunately, there's Endpoint Policy Management from iPass. This iPass-hosted service streamlines and automates patch management for Microsoft* Windows* operating system (OS) and anti-virus updates. It licenses Shavlik* Technologies' HFNetChk engine to assess customer systems for new vulnerabilities and deploy Microsoft patches in record time.

Even with the unprecedented extent of February's patch release, iPass was able to make patches available to customers for installation within 24 hours of posting by Microsoft - making Patch Tuesday seem like any other day to IT administrators.

iPass customers that employ Endpoint Policy Management can quickly and easily deploy the monthly Patch Tuesday releases to all of their mobile and remote computers through a few simple clicks. IT staff use Endpoint Policy Management's secure Web console to quickly control and customize policies for:

• Continuous, Automated Assessment. Endpoint Policy Management performs an immediate inventory of the software installed on your endpoint devices, including Windows OS configurations and anti-virus software. It then promptly runs a security assessment without requiring user interaction.
• Automated Remediation. After assessing the endpoint device, Endpoint Policy Management installs new Microsoft OS patches and anti-virus definition files based on your security policies and priority levels. It relies on your professional assessment of which updates are high or standard priority.
• Verification and VPN Launch. Endpoint Policy Management reports back to the iPassConnect universal client on the endpoint device's remediation status and only allows a VPN to be launched once remediation is completed.
• Automated Patch Management. Endpoint Policy Management simplifies the ongoing task of administering Microsoft OS patches. Each time an OS patch is released from Microsoft, it becomes directly available through the Endpoint Policy Management Web console.