Loudcloud manages security patches

Infrastructure management service provider Loudcloud Inc. plans to announce Wednesday that it has begun offering its customers an automated system for detecting vulnerabilities and deploying fixes in servers and network devices, capitalizing on the growing proliferation of worms, viruses and software vulnerabilities.

The Sunnyvale, Calif.-based hosting company has added to its system for maintaining Web sites, called Opsware, a distribution system that can identify vulnerabilities in a customer's software stack and apply patches to affected systems without heavy lifting.

"This is a problem that really screams out for automation," said Frank Chen, director of products and services at Loudcloud.

In many cases, network administrators must keep a comprehensive list of all of the hardware and software they have installed in a network and constantly check that list against the vast number of worms, viruses and software holes that are reported by vendors. When administrators come across a vulnerable piece of software, they then have to manually apply a patch to every piece of affected software.

"Patching has been a very manual process," Chen said.

With the automated system, available through Loudcloud's Managed Services Version 3.0 offering, the company will routinely scan a customer's inventory of software and hardware for known vulnerabilities. Loudcloud has a team of security administrators that scours more than 30 virus-notification lists for vulnerable software. The lists are then stored in a repository that's used to audit a customer's system.

Opsware can create a list of vulnerabilities by comparing characteristics of a customer's system, such as what version of software is installed and whether or not it has been updated with a service pack, with criteria detailed in a security bulletin. As with an online shopping cart, Loudcloud can then view the list of affected software from a Web browser and distribute fixes.

Customers have the option of testing the patch ahead of its installation to make sure that it's compatible with other applications, Chen added.

A variety of tools are available to automate the process of detecting and installing software patches, bug fixes and even version upgrades. For example, Microsoft Corp. has Windows Update, which can be used to manage the installation of patches on Windows software. The company also has what it calls the Systems Management Server, which can be used to manage software distribution and installation on Windows software.

Loudcloud is touting greater benefits with its patch-management system because it can identify and patch software from more than 200 vendors, Chen said.

Copyright © 2002 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon