This month we had the pleasure to have Kent Agerlund join us for this webinar on the challenges of patching beyond Microsoft OSs.
If you missed the presentation, you can catch up with it here.
Below, the answers to the questions (unedited) raised during the live presentation:
Question: What tool are you using to generate dashboards?
Kent: The dashboard is a service delivered by CTGlobal that can be used to visualize your enterprise environment. More information and to request a free trial visit http://ctglobalservices.com/sccm-dashboard/
Question: is that report available
Kent: The reports mentiond in the slides are available for download at the bottom of this page. All the reports in the demos are either part of the CTGlobal dashboard or the Software Vulnerability Manager
Question: Kent can you recap how to have an overall thought process into the integration of secunia and the patches needed and SCCM to actually deploy it.
Kent: Some vendors like Adobe patch on a regular basis. For them I approve the updates in Software Vulnerability Manager and publish them to SCCM where I have a update group only for Adobe updates. Other updates like VLC are often bundled in the same Software Update group. The tricky part is the pilot test, as we have no guarantee that our normal pilot devices have the insecure version installed. To work around that, I visit oldapps.com and download some of the older apps to a virtual machine for pilot testing.
Question: What is the impact of IIS private memory set too high? Other recommended settings?
Kent: If you don’t cap the memory, in theory it can consume all available memory on the server.
Question: do you have further details about the compliance baselines?
Kent: The baselines, look at the WSUS GPO settings that are applied to registry on the devices. I use the baselines to ensure the GPO’s are applied the way I expect them to be
For all Software Vulnerability Manager related questions:
For CTGlobal SCCM Dashboard questions:
- Whitepaper: Managing Non-Microsoft Updates
- Infographic: Close the Risk Window and Reduce the Attack Surface
- Datasheet: Software Vulnerability Manager
- Report: Vulnerability Review 2017