Computerworld - This summer's Blaster worm was one of the first pieces of malicious code to spread itself by means of network-connected PCs. And the worm highlighted the need for more efficient patching processes in many companies.
Since then, several vendors have announced automated management products designed to help companies quickly test patches, identify systems that need them and automatically update those systems.
This week, South Jordan, Utah-based LANDesk Software Corp. will join the fray with the shipment of LANDesk Patch Manager for automated vulnerability assessment and patch distribution. The software is designed to give administrators a centralized view of the patch status of systems on their networks, identify specific vulnerabilities, test and deploy the patches, and then audit them as needed.
Other vendors marketing similar products include Shavlik Technologies LLC in Roseville, Minn., St. Bernard Software Inc. in San Diego, and PatchLink Corp. in Scottsdale, Ariz.
Raymond James Financial Inc., a financial services firm in St. Petersburg, Fla., has been beta-testing LANDesk's new patch management software for the past few months and is preparing to roll it out to 10,000 systems on its network.
The company has been using another LANDesk software tool to distribute patches companywide for several years. But LANDesk's new patch management function will give the company a better view of the systems that need to be patched and speed up the process of deploying the patches, said Andy Nosal, a supervisor of LANDesk operations at Raymond James.
"I like the ease of being able to find out what patches are on what systems and seeing all the affected machines" that need patching, Nosal said.
Stamford, Conn.-based Pitney Bowes Inc., meanwhile, is deploying similar patch management technology from Emeryville, Calif.-based BigFix Inc. to 22,000 client systems.
The tool will not only help Pitney Bowes deploy patches much faster, but it will also help the company enforce tough new security policies related to network-connected desktops, notebooks and other client devices, said David Giambruno, the company's director of strategy and security.
Since BigFix's software allows Pitney Bowes to monitor the patch status and virus signatures on every client device, the technology has enabled the company to quickly identify improperly configured systems and either block network access to those systems or take remedial action, Giambruno said.
The client-level impact of Blaster forced a "fundamental change in our thinking," he said. Whereas before the focus had largely been on protecting the server environment, the current emphasis is also on ensuring that client systems don't compromise security, Giambruno added.
Read more about Security in Computerworld's Security Topic Center.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
