Microsoft Solutions for Security Security Patch Management Brodie Desimone, CISSP Senior Technology Specialist Michael Nowacki, CISSP.


1 Microsoft Solutions for Security: Security Patch Management
Brodie Desimone, CISSP, Senior Technology Specialist, BrodieD@microsoft.com
Michael Nowacki, CISSP, Senior Security Technology Specialist, mnowacki@microsoft.com

2 Customer Feedback
- Reduce Frequency, Quantity of Patches
- Inadequate Communications, Guidance, and Training
- Inconsistent Patching Experience
- Multiple, Incomplete Patch Management Tools
- Inconsistent Patch Quality

3 Addressing The Situation
- Security and patch management priority #1 – bar none – at Microsoft
- Microsoft problem
- Industry problem
- Ongoing battle with malicious hackers
- Need comprehensive, tactical and strategic approach to addressing the situation
- Trustworthy Computing Initiative
- Security framework and focus
- Patch Management Initiative

4 TWC Overview

5 Microsoft’s Security Framework
- Clear security commitment
- Full member of the security community
- Microsoft Security Response Center
- Secure architecture
- Security aware features
- Reduce vulnerabilities in the code
- Reduce attack surface area
- Unused features off by default
- Only require minimum privilege
- Protect, detect, defend, recover, manage
- Process: How to’s, architecture guides
- People: Training
SD3 + Communications: Secure by Design, Secure by Default, Secure in Deployment, Communications

6 Patch Management Initiative Goals
Cross divisional team with mission to resolve key patch management issues
- Consistently high quality
- Consistently small patch sizes
- Minimize reboots on patch installation
- Accurate, effective, easily discoverable, and timely information
- Process and best practice guidance; training
- Consistent formats and mechanisms for discovery, applicability evaluation, uninstallation, etc. of patches and updates
- The right set of functionality
- Easy to deploy, administer, use
- Interoperability with third party solutions
Goals: Informed & Prepared Customers; Superior Patch Quality; Consistent & Superior Update Experience; Best Patch & Update Management Solutions

7 Improve the Patching Experience: New Patch Policies
- Extending support to June 2004
  - Windows 2000 SP2
  - Windows NT SP6a
- Non-emergency security patches on a monthly release schedule
  - Allows for planning a predictable monthly test and deployment cycle
  - Packaged as individual patches that can be deployed together
  - Achieves benefits of security rollup with increased flexibility
- Patches for emergency issues will still release immediately

8 Improve the Patching Experience: Patch Enhancements
Your Need, followed by Our Response:
- Reduce patch complexity
  - By late 2004: Consolidation to 2 patch installers for W2k and later, SQL 2000, Office & Exchange 2003; all patches will behave the same way (update.exe, MSI 3.0)
- Reduce risk of patch deployment
  - Now: Increased internal testing; customer testing of patches before release
  - By mid-2004: Rollback capability for W2k generation products and later (MSI 3.0 patches)
- Reduce downtime
  - Now: Continued focus on reducing reboots
  - By late 2004: 30% of critical updates on Windows Server 2003 SP1 installed w/o rebooting (“hot patching”)
- Reduce patch size
  - By late 2004: Substantially smaller patches for W2k generation and later OS & applications (Delta patching technology, next generation patching installers)
- Improved tools consistency
  - By mid-2004: Consistent results from MBSA, SUS, SMS, Windows Update (will all use SUS 2.0 engine for detection)
- Improved tools capabilities
  - May 2004: Microsoft Update (MU) hosts patches for W2k server, and over time SQL 2000, Office & Exchange 2003
  - By mid-2004: SUS 2.0 receives content from MU & adds capabilities for targeting, basic reporting and rollback

9 Solution Components
- Analysis Tools
  - Microsoft Baseline Security Analyzer (MBSA)
  - Office Inventory Tool
- Online Update Services
  - Windows Update
  - Office Update
- Content Repositories
  - Windows Update Catalog
  - Office Download Catalog
  - Microsoft Download Center
- Management Tools
  - Automatic Updates (AU) feature in Windows
  - Software Update Services (SUS)
  - Systems Management Server (SMS)
- Prescriptive Guidance
  - Microsoft Guide to Security Patch Management
  - Patch Management Using SUS
  - Patch Management Using SMS

10 Patch Management Guidance
- Prescriptive guidance from Microsoft for effective patch management
  - Uses Microsoft Operations Framework (MOF)
  - Based on ITIL* (de facto standard for IT best practices)
- Details requirements for effective patch management:
  - Technical & operational pre-requisites
  - Operational processes & how technology supports them
  - Daily, weekly, monthly & as-needed tasks to be performed
  - Testing options
- Three patch management guidance offerings
  - Microsoft Guide to Security Patch Management**
  - Patch Management using Software Update Services***
  - Patch Management using Systems Management Server***
*Information Technology Infrastructure Library
**Emphasizes security patching & overall security management
***Comprehensive coverage of patch management using the specified technology

11 Delivering Security Technologies
- Windows XP SP2
  - Improved network protection
  - Safer email and Web browsing
  - Enhanced memory protection
  - Beta by end of 2003, RTM based on customer feedback
- Windows Server 2003 SP1
  - Role-based security configuration
  - Inspected remote computers
  - Inspected internal environment
  - RTM H2 CY04

12 Client Shielding Enhancements
- What it is: Security enhancements that protect computers, even without patches; included in Win XP SP2 (H1 04) with more to follow
- What it does: Helps stop network-based attacks, file attachment viruses and buffer overruns
- Key Features
  - Network Protection: Improved ICF protection turned on by default
  - Safer email: Improved attachment blocking for Outlook Express and IM
  - Safer browsing: Better user controls to prevent malicious ActiveX controls and Spyware
  - Memory Protection: Improved compiler checks (/GS) to reduce stack overruns

13 Enterprise Shielding Enhancements: Enterprise Quarantine
- What it is: Only clients that meet corporate security standards are allowed to connect; included in Win 2003 SP1 (H2 04) with more to follow
- What it does: Protects enterprise assets from infected computers
- Key Features
  - Enforces specific corporate security requirements such as patch level, AV signature state and firewall state
  - Ensure these standards are met when
    - VPN connections are made by remote clients
    - Wired or wireless connections are made by rogue and transient clients

14 Roadmap timeline: Today, H1 04, H2 04, Future
- Extended support
- Monthly patch releases
- Baseline guidance
- Community Investments
- Windows XP SP2
- Patching enhancements
- SMS 2003
- SUS 2.0
- Microsoft Update
- Broad training
- Windows Server 2003 SP1
- Security technologies
- Next generation inspection
- NGSCB
- Windows hardening
- Continued OS-level security technologies

15 Security Resources
- New: IT Pro Security Zone: http://www.microsoft.com/technet/security/community
- New: Security Guidance for the Enterprise: http://www.microsoft.com/technet/security/bestprac
- Subscribe to MSRC notifications: http://www.microsoft.com/securitynotification
- Trustworthy Computing: http://www.microsoft.com/mscorp/innovation/twc/
- Hot Fix & Security Bulletin Search: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/current.asp

16 © 2003 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.

