Security suite patches Windows kit
Posted on February 27, 2008
Filed Under Vnunet |
src="http://ivory.vnunet.com/images/shavliknp6/medium.jpg" />
Dave Bailey, IT Week,
Wednesday 27 February 2008 at 00:00:00
Shavlik’s latest patching and anti-spyware suite keeps desktops and
servers clean
Launched this month, version 6 of Shavlik’s NetChk Protect security suite
aims to keep Windows desktop systems and servers clear of malware. The updated
package features a new patching system called Any Patch Anywhere and an
enhanced management console. Any Patch Anywhere uses a wizard-driven custom
patch editor and Shavlik’s Dynamic Product Detection scan engine technology,
allowing users to create and maintain custom patches. The new network-based
console is designed to make it easy for administrators to check security
status, manage system policies and schedule reboots so as to minimise
disruption to users. Extended support Shavlik has also extended the range of
systems that the suite can protect to include BlackBerry Server, Microsoft
Exchange 2007 SP1, Microsoft ISA 2004 Enterprise Edition, Skype, Sun Java
applications and VMware. We tested NetChk Protect 6 using a standard Intel
system with two 3.2GHz Intel Xeon dual-core processors and 2GB of system
memory, running Windows Server 2003 R2. For storing patch data, spyware
signatures and scan data, we installed SQL Server 2005 Enterprise Edition.
Although easy to install, the system takes time to set up. This is because the
process requires users to make several key decisions about patch and spyware
remediation and when to reboot systems. After the patch updates were fed into
the database and the signature files for the spyware scan downloaded, we could
define which systems to check for patching, and which for spyware. Protect 6
can run three types of built-in scans: a security patch scan, a scan for
picking up security and non-security patches, and a spyware scan. Users can
also define their own custom scans by using the Agent Policy Manager to check
the status of specific applications that they have rolled out to their desktop
systems, for example. We patched the server on which NetChk was running with
Windows Update, but left all the other applications that were installed and
running unpatched. A security-only scan picked up all 23 of the security
updates and also correctly found our SQL Server database was missing service
pack 1. It also informed us of four missing patches that should be installed to
secure the system. The graphical user interface does a good job of clearly
relaying a wide range of information. Protect 6 also enables users to uninstall
problem patches and roll back spyware signatures. Admins can define the scope
of a scan using “system collections” that come under a range of headings, such
as My Domain or My…
 |
 |
Comments
Leave a Reply
