Patch Management software applications that are popular today, aim at overcoming the vulnerabilities that create security weakness, corrupt critical system data or cause system unavailability. Such software vulnerabilities can otherwise be a nightmare for Network Managers. IT Administrators can't even think of a good solution, without understanding how vulnerable their systems are. This makes them to constantly look out for a solution that scans for network vulnerabilities, identifies missing security patches and hotfixes, applies them immediately and mitigates risk; and not just a patch deployment software.
Desktop Central's agent-based solution handles every aspect of Windows, Mac and Third Party Application patch management like System discovery, identifying the required Windows Microsoft updates, Mac Updates and Third Party Applications detail, deploying relevant patches, hotfixes, security updates, and patch reports to make network administrators job simple. Network Managers can opt for this completely automated patch management software solution and don't have to worry about patching Windows systems ever. Desktop Central's Patch Management solution works for both Windows Active Directory and Workgroup based networks. Also, you can manage both Microsoft and Non-Microsoft Patches using a single Patch Management application.
Refer to Securing Windows Desktops to see the ways to enhance desktop security using Desktop Central.
Automatic System DiscoveryThe Desktop Central solution performs automatic discovery of Windows systems using Active Directory. Administrators can choose the systems that have to be managed using Desktop Central. The Desktop Central agent that is installed in the managed systems performs the actions initiated from Desktop Central Server. This agent is responsible for vulnerability assessment scan and patch deployment.
Online Vulnerability DatabaseThe Online vulnerability Database is a portal in the ManageEngine site, which hosts the latest vulnerability database that has been published after a thorough analysis. This contains the list of all Microsoft Windows updates that are available. This database is exposed for download by the Desktop Central Server situated in the customer site, and provides information required for patch scanning and installation.
The Desktop Central Server located at the enterprise (customer site) scans the systems in the enterprise network, checks for missing and available Windows patches against the comprehensive vulnerability database, downloads and deploys missing Microsoft patches and service packs, generates reports to effectively manage the patch management process of the enterprise.
Dekstop Central scans all the systems for missing Windows patches in operating systems and applications and the level of vulnerability is reported. These missing Windows patches are identified from the local vulnerability database, which is periodically synchronized with the external online vulnerability database maintained by ManageEngine.
Most often the patches have to be deployed in a test environment to ensure that they are error-free and stable, before they are rolled out to the entire network. Also, in cases where you have a team of system administrators, you can ensure that the patches tested by one team can directly be approved for deployment. This saves a lot of time, which can be utilized for other critical tasks.
Dekstop Central takes care of deploying the patches based on missing Microsoft patches or system vulnerability. Once deployed, the agent applies the relevant Windows patches in the system and security updates and updates the status in Desktop Central. The installation process can be scheduled from patch settings option.
Patch reports gives details about system vulnerability level, missing Windows patches, applicable Windows patches, task status, etc. All these reports are available as pdf or in printer friendly versions.
Desktop Central facilitates administrators to create and configure severity levels for the missing patches. This helps them to deploy patches based on severity. So they need not evaluate system health and vulnerability status based on a common list of missing patches. This helps them to be more accurate and specific to identify the significant patches which are missing and rate it based on severity of the missing patch. This not only tailors their day to day patch management activity but also enhances the patch management process to be more accurate and reliable.
Using Desktop Central's Automated Patch Deployment feature, you can automate your patch-management process. This feature enables you to deploy patches that are missing in the computers in your network automatically. You can automate the following tasks using the Automated Patch Deployment feature:
All the levels of patch-deployment automation mentioned above can be specified fora specific set of client systems. You can choose to have different levels of automationfor different sets of client systems. The process of deploying patches automatically depends on the level of automation you choose.
Anti-Virus definition updates is quite crucial for enterprises that run Microsoft Forefront Client Security software to protect their networks from the attack of trojans and viruses. With malicious code on the increasing side, Network Administrators need to keep an eye on these frequent definition updates to avoid any possible mishaps. However, you can simplify the process using Desktop Central's Patch Management options. Using Automated Patch Deployment you can schedule the frequency to scan the systems for virus definition updates and specify the action to be performed on successful completion of the scanning.
You can manage Windows patches using the free edition of Desktop Central.
For more details refer to the Patch Management and PatchManagement Life Cycle topics in the online help.