Patch Management Software

Automated Patch Management Software for Enterprises

Patch Management software applications that are popular today, aim at overcoming the vulnerabilities that create security weakness, corrupt critical system data or cause system unavailability. Such software vulnerabilities can otherwise be a nightmare for Network Managers. IT Administrators can't even think of a good solution, without understanding how vulnerable their systems are. This makes them to constantly look out for a solution that scans for network vulnerabilities, identifies missing security patches and hotfixes, applies them immediately and mitigates risk; and not just a patch deployment software.

Desktop Central's agent-based solution handles every aspect of Windows and Non- Microsoft patch management like System discovery, identifying the required Windows Microsoft updates and Non-Microsoft Patch details, deploying relevant patches, hotfixes, security updates, and patch reports to make network administrators job simple. Network Managers can opt for this completely automated patch management software solution and don't have to worry about patching Windows systems ever. Desktop Central's Patch Management solution works for both Windows Active Directory and Workgroup based networks. Also, you can manage both Microsoft and Non-Microsoft Patches using a single Patch Management application.

Refer to Securing Windows Desktops to see the ways to enhance desktop security using Desktop Central.

Features

• Uses a hosted Patch Database at ManageEngine site to assess the vulnerability status of the network
• Completely automated Patch Management Solution for both physical and virtual assets.
• Solution from detecting the missing patches/hotfix to deploying the patches
• Patch based deployment - Deploy a patch to all the systems applicable
• System based patch deployment - Deploy all the missing patches and hotfixes for a system
• Provision to test and approve patches prior to bulk deployment
• Automatic handling of patch interdependencies and patch sequencing
• Reports on System vulnerabilities, Patches, OS, etc.
• Provides an update of the patch deployment status.
• Supports both Microsoft and Non-Microsoft Patches.
• Supports Anti-Virus Definition Updates for Microsoft Forefront Client Security Software.

Automatic System Discovery

The Desktop Central solution performs automatic discovery of Windows systems using Active Directory. Administrators can choose the systems that have to be managed using Desktop Central. The Desktop Central agent that is installed in the managed systems performs the actions initiated from Desktop Central Server. This agent is responsible for vulnerability assessment scan and patch deployment.

Online Vulnerability Database

The Online vulnerability Database is a portal in the ManageEngine site, which hosts the latest vulnerability database that has been published after a thorough analysis. This contains the list of all Microsoft Windows updates that are available. This database is exposed for download by the Desktop Central Server situated in the customer site, and provides information required for patch scanning and installation.

The Desktop Central Server located at the enterprise (customer site) scans the systems in the enterprise network, checks for missing and available Windows patches against the comprehensive vulnerability database, downloads and deploys missing Microsoft patches and service packs, generates reports to effectively manage the patch management process of the enterprise.

Vulnerability Assessment Scan

Dekstop Central scans all the systems for missing Windows patches in operating systems and applications and the level of vulnerability is reported. These missing Windows patches are identified from the local vulnerability database, which is periodically synchronized with the external online vulnerability database maintained by ManageEngine.

Approval of Patches

Most often the patches have to be deployed in a test environment to ensure that they are error-free and stable, before they are rolled out to the entire network. Also, in cases where you have a team of system administrators, you can ensure that the patches tested by one team can directly be approved for deployment. This saves a lot of time, which can be utilized for other critical tasks.

Patch Deployment

Dekstop Central takes care of deploying the patches based on missing Microsoft patches or system vulnerability. Once deployed, the agent applies the relevant Windows patches in the system and security updates and updates the status in Desktop Central. The installation process can be scheduled from patch settings option.

Patch Reports

Patch reports gives details about system vulnerability level, missing Windows patches, applicable Windows patches, task status, etc. All these reports are available as pdf or in printer friendly versions.

Severity Based Patch Management

Desktop Central facilitates administrators to create and configure severity levels for the missing patches. This helps them to deploy patches based on severity. So they need not evaluate system health and vulnerability status based on a common list of missing patches. This helps them to be more accurate and specific to identify the significant patches which are missing and rate it based on severity of the missing patch. This not only tailors their day to day patch management activity but also enhances the patch management process to be more accurate and reliable.

Automated Patch Management Solution

Using Desktop Central's Automated Patch Deployment feature, you can automate your patch-management process. This feature enables you to deploy patches that are missing in the computers in your network automatically. You can automate the following tasks using the Automated Patch Deployment feature:

• Scanning computers periodically to identify missing patches
• Identifying missing patches and downloading them from the vendors' Web sites
• Downloading patches that you require and creating tasks related to patch deployment
• Downloading patches that you require automatically and installing them on to specific computers

All the levels of patch-deployment automation mentioned above can be specified for a specific set of client systems. You can choose to have different levels of automation for different sets of client systems. The process of deploying patches automatically depends on the level of automation you choose.

Microsoft Forefront Client Security Definition Updates

Anti-Virus definition updates is quite crucial for enterprises that run Microsoft Forefront Client Security software to protect their networks from the attack of trojans and viruses. With malicious code on the increasing side, Network Administrators need to keep an eye on these frequent definition updates to avoid any possible mishaps. However, you can simplify the process using Desktop Central's Patch Management options. Using Automated Patch Deployment you can schedule the frequency to scan the systems for virus definition updates and specify the action to be performed on successful completion of the scanning.

Supported OS and Applications

• Windows 7 (Enterprise, Professional, Ultimate)
• Windows 8
• Windows Vista (Enterprise, Business, Ultimate)
• Windows Server 2008 R2(Datacenter, Enterprise & Standard)
• Windows Server 2008 (Standard, Enterprise & Web Server Editions)
• Windows Server 2003 (Standard, Web & Small Business Server Editions)
• Windows Server 2012
• Windows XP Professional
• Windows 2000 Professional
• Windows 2000 Server
• Windows 2000 Advanced Server
• Microsoft Office 2003
• Microsoft Office 2007
• Internet Explorer
• Windows Media Player
• .NET Framework
• MSXML
• DirectX (View Complete List)

Free Patch Management Software

You can manage Windows patches using the free edition of Desktop Central.

For more details refer to the Patch Management and Patch Management Life Cycle topics in the online help.