Sept 14thUser Group Meeting
Chris Stanley did the intros.. he and Eric Dietz are going to resign from the advisory board.. both have served since the beginning of the group about 10 years ago. Thanks for your years of service!!
Mike Grueber – Senior Product Mangers for Patch Management 7.1 SP1
Jeremy Carter will be taking over for Mike. Mike will be taking over the NS core. Jeremy will be covering all things software related.
Quick group survey.. many users on CMS.. a few on DS only. Many users involved in Patch Management.
May 27thnew release but Patch Management was not included.
Exploits: 90% involve vulnerabilities that there is already a patch or fix or secure configuration settings for.
Patch Management now has first time setup wizard (this was demoed). This wizard bring all important setup options together. Needs to be configured.. there are 3 pages. 1stpage is configuring the schedule to download the metadata. 2ndpage labeled notifications configuring automation policies. 3rdpage interval for system assessment scan – formerly called vulnerability scan.
Most vulnerable apps:
- Apple Safari
- Mozilla Firefox
- Google Chrome
- IE
- Adobe Flash Player
- Adobe Reader
- Java
- Adobe Acrobat
- Adobe Air
Internet Browsers and Plug ins are a top priority for patching.
Browser plug ins:
Microsoft Active X, Java and Flash
Patch now has large increase in 3rdparty coverage. They have added support for 25 common windows apps. There is significant increase in Microsoft coverage comparable to WSUS.
7.1 SP1
Updates associated w/ security bulletins
Other updates associated with KB articles
Customer estimates that the coverage will include 2.5 – 3 times more updates from Microsoft than 7.1
Performance, Usability and Supportability
Showed page the does the task of importing the metadata the user interface is different from what it was in the past.
System Assessments – previously called the vulnerability scan.. used to be the scan for MS, one for Adobe. There is a single scan now. One policy can do updates for multiple vendors.
Patch Metadata – delete previously downloaded data that is no longer required.
System Assessment Scan Task
Can be used in cases where there is a need to quickly run a system assessment scan or on and individual computer or small group of computers.
Software update wizard – download and distribute
No need to download now
New dialog shows progress of downloading updates packages and creating policy
Changes to system restart/reboot
Patch Data & Migration
Migration to Patch 7.1 SP1. Migration process requires the running of a data cleanup process that deletes MS and Adobe policies, updates, bulletins and inventory rules.
Other Tech Considerations:
Disabling previously installed versions in use
Workaround is documented
Maintaining application customizations… customizations can be preserved….
Questions and Answers…
Software is location on the Solution SAM web site…
Prizes:
100 Connect points to Jodi James
125 connect points to Brad Yanta
150 connect points to Betty Elkington
Symantec Mugs to:
Jason Kruze, Jason Frye, Sergey Karasev and Kathy Maciejeski
Symantec Bag: Greg Wilmer
Symantec Folder: Jack Blaydes
Meeting Wrap up
Next meeting will be held in during the start of 2012.
Please see attached power point provided my Mike Grueber, Symantec