Software vulnerabilities can create security weakness, corrupt critical system data or cause system unavailability that can be a nightmare for Network Managers. IT Administrators can't even think of a good solution, without understanding how vulnerable their systems are. This makes them to constantly look out for a solution that scans for network vulnerabilities, identifies missing security patches and hotfixes, applies them immediately and mitigates risk; and not just a patch deployment software.

Desktop Central's agent-based solution handles every aspect of Windows patch management like System discovery, identifying the required Windows Microsoft updates deploying relevant patches, hotfixes, security updates, and patch reports to make network administrators job simple. Network Managers can also opt for a completely automated solution and don't have to worry about patching Windows systems ever. Desktop Central's Patch Management solution works for both Windows Active Directory and Workgroup based network.

Refer to Securing Windows Desktops to see the ways to enhance desktop security using Desktop Central.

Features

• Uses a hosted Patch Database at ManageEngine site to assess the vulnerability status of the network
• Complete automated
• Solution from detecting the missing patches/hotfix to deploying the patches
• Patch based deployment - Deploy a patch to all the systems applicable
• System based patch deployment - Deploy all the missing patches and hotfixes for a system
• Automatic handling of patch interdependencies and patch sequencing
• Reports on System vulnerabilities, Patches, OS, etc.
• Provides an update of the patch deployment status

Automatic System Discovery The Desktop Central solution performs automatic discovery of Windows systems using Active Directory. Administrators can choose the systems that have to be managed using Desktop Central. The Desktop Central agent that is installed in the managed systems performs the actions initiated from Desktop Central Server. This agent is responsible for vulnerability assessment scan and patch deployment.

Online Vulnerability Database The Online vulnerability Database is a portal in the ManageEngine site, which hosts the latest vulnerability database that has been published after a thorough analysis. This contains the list of all Microsoft Windows updates that are available. This database is exposed for download by the Desktop Central Server situated in the customer site, and provides information required for patch scanning and installation. The Desktop Central Server located at the enterprise (customer site) scans the systems in the enterprise network, checks for missing and available Windows patches against the comprehensive vulnerability database, downloads and deploys missing Microsoft patches and service packs, generates reports to effectively manage the patch management process of the enterprise.

Vulnerability Assessment Scan

Dekstop Central scans all the systems for missing Windows patches in operating systems and applications and the level of vulnerability is reported. These missing Windows patches are identified from the local vulnerability database, which is periodically synchronized with the external online vulnerability database maintained by ManageEngine.

Patch Deployment

Dekstop Central takes care of deploying the patches based on missing Microsoft patches or system vulnerability. Once deployed, the agent applies the relevant Windows patches in the system and security updates and updates the status in Desktop Central. The installation process can be scheduled from patch settings option.

Patch Reports

Patch reports gives details about system vulnerability level, missing Windows patches, applicable Windows patches, task status, etc. All these reports are available as pdf or in printer friendly versions.

Automated Patch Management Solution

Patch Management using Desktop Central can be automated at various levels like, Automatic scanning of Windows systems, Automatic scanning of the systems and downloading the missing Windows patches, Automatic download of missing patches and draft a patch configuration and Automatic download of the missing Microsoft patches and to deploy them. All these can be scheduled and the status is notified through mail.

Supported OS and Applications

• Windows Vista (Enterprise, Business, Ultimate)
• Windows Server 2008 (Standard, Enterprise & Web Server Editions)
• Windows Server 2003 (Standard, Web & Small Business Server Editions)
• Windows XP Professional
• Windows 2000 Professional
• Windows 2000 Server
• Windows 2000 Advanced Server
• Microsoft Office 2003
• Microsoft Office 2007
• Internet Explorer
• Windows Media Player
• .NET Framework
• MSXML
• DirectX

Free Patch Management

You can manage Windows patches using the free edition of Desktop Central.

For more details refer to the Patch Management and Patch Management Life Cycle topics in the online help.