HOME  |  ABOUT PATCHEASY  |  DOWNLOAD TRIAL  |  CONTACT  |  MEDIA
PatchEasy - the compete security patch management software solution
 
 
ABOUT PATCHEASY
 » Overview
 »  Highlights
 »  Data Sheet
 »  Deployment Guide
 »  User Manual
 »  Support
DOWNLOAD TRIAL
CONTACT
XP SP2 Software Firewall Issue
Download literature (PDF)
 
See PatchEasy's complete list of supported patches
 
 
 
 
PATCH MANAGEMENT
 
About Patch Management | Patch Management: A Way of Life
Patch Management Solution Components | Patch Management ROI
 
 
Patch Management — Solution Components
 
Components of a Patch Management System
 
 
The patch management system is consists of four major components (shown above)
 
The Master Database
The Site Server
The Administrator's Machine
Managed Nodes
 

System Components
 

Master Database
The threat analysis team scours numerous sources for new patch information and populates the Master Database with the latest alerts and patch information after comprehensive testing. The Master Database then passes the information to the individual client's site server.

Patch Management Site Server
This is the core component for delivering patches across the client's network and typically resides behind a firewall. Alerts come from the master database and are matched to the inventory information from the agents. This machine could be a normal workstation also

Administrator's Machine
Administrators direct the deployment and remediation using this machine via a secure web user interface.

Managed Nodes
The Managed nodes can be managed with or without an agent. The agent is a lightweight program responsible for scanning the computers as well as retrieving and deploying patches. For agentless nodes the site server or what we can term as master agent will scan, retrieve and deploy patches.
 

Setting up the Components
Step 1 Deploy the site server at the client end.
Step 2 Set up the administrator's machine for management of the patching practice.
Step 3 Deploy the agents on the machines across the network.
Step 4 Start the patch management process

The Process
The Master Database resides outside the client's network (At the Network Operations Center, NOC) and is accessible via the internet. This is a highly available clustered server which passes information to the client's site server.

The latest alerts & patches are pulled and tested at the NOC and pushed onto the master server. Timely alerts are put in place on this server, often before vulnerabilities are announced by the vendors.

The Site Server resides at the client end typically behind a firewall. The latest alerts & patches are pulled by this server from the master database via the internet. The site server maintains a centralized inventory of all software and version information installed on all systems running the agent.

The entire process of patch deployment is managed using the Administrator's Machine. This machine is used for discovery, remediation, tracking and reporting.

The administrator configures the notification process. Notifications can be in form of notations on the central management interface, emails or emergency pages. Upon receiving a notification the administrator schedules the deployment of a patch. At the scheduled time the agents contact the site server and deploy the patches on the respective Machines.

Reference: Diagram Below.

Step 1
The site server contacts the master server. The master server pushes the latest alerts and patches onto the site server.

Step 2
The administrator monitors the site server through the administrator's machine. Upon receiving the latest patches the administrator schedules the deployment of patches on the machines across the network i.e. Main Location / Server Hall / Location A / Undefined Location (Mobile Users). Mobile users connect to the site/master server via the internet.

Step 3
The agents residing on the systems across the system are woken up at the scheduled time. These agents then pull the patches from the site or master server and install the patches on their respective machines.
 
 
 
 
 
Posted on 29 May 2004
 
 
 
  © Copyright 2003-2008 SecureSynergy Pvt Ltd. All rights reserved. Disclaimer | Privacy