Automated patch management – a foundation for your SecOps initiative

New Member.
0 0 1,742

Article written by Nimish Shelat (Product Marketing) and Derek Kruger (Technical Marketing)tasks.PNG


Tracking, provisioning, and configuration of all operating systems, databases and middleware is a difficult task. When you add in the processes surrounding patches applied to all of these listed functions, and the task becomes exponentially challenging—especially when performed manually. To accomplish this, IT admins must have a patch plan and schedule in place and then initiate and monitor the progress on updates. But this process never ends because additional patches will need to be installed soon enough.

The reality of the situation is that IT teams are aware of the required patches. But, struggles with bandwidth and the available window for updates are limited. The team seems to be always behind. There is also the concern about patches disrupting the current stability of the environment. This is why patches have to be tested in phases and rolled out in small areas. This increases the time from decision to roll out.

Automated patch management increases efficiency and helps IT comply with any regulatory or internal requirements for securing IT systems against possible vulnerabilities.

What was formerly a tedious repetitive manual task can now be automated to ensure consistent patching with the latest patch releases for heterogeneous OS, database and middleware vendors. Micro Focus Data Center Automation (DCA) keeps enterprises better protected by automating the patching of OS, database, and middleware. Rather than manually keeping all systems up-to-date with patches, IT pros can now delegate that task to DCA which can seamlessly handle the patching process. DCA also meets compliance audit requirements and provide compliance reports as required by the respective compliance benchmarks. However, the efficiency and effectiveness of the DCA comes not just by automating patching, but rather in applying the right patches to the right targets at the right time. DCA brings the power of dynamically applying vendor recommended patches!

Data Center Automation automatically determines the difference between the current patch level of the OS and vendor-recommended patches. During the patching process, DCA will only update the required patches on each OS instance. Conventional static patching relies on a list or baseline that must be maintained within the organization. Ongoing patching with Service Level Objectives (SLOs) ensures that resources are always patched to vendor specifications. With DCA you can create custom patch policies to ensure that only the types of patches important to your organization are implemented.

DCA extends static and vendor recommended dynamic patching with a Risk Dashboard to enable businesses to keep their operations secure. Common Vulnerabilities and Exposure (CVE) data is imported from the National Vulnerability Database (NVD). This data is compared against resource patch metadata to determine which patches are needed. The risk from exposure is displayed on a dashboard. This dashboard can be customized to highlight vulnerabilities of interest.dynamic patching.png




Learn more about taming your patching situation here.


About the Author
Currently focused on Datacenter Automation and IT Process Automation solutions. The scope of these solutions spans across server, network, database and middleware infrastructure. The solutions are optimized for tasks like provisioning, patching, compliance, remediation and processes like Self-healing Incidence Remediation and Rapid Service Fulfilment, Change Management and Disaster Recovery.
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.