May 2008

Issue 44

 		[ Tell a Colleague ]  
   Feature Story  

Reducing Enterprise-wide Security Risks

Automated remediation can close the “risk gap”

by Dave Eike, Director of Enterprise Solutions, Shavlik Technologies

Ten years ago, talk of information security would generally focus on the subjects of anti-virus and patch management. Now, information security extends well beyond that, with continuing concern for hackers trying to intrude, systems running unauthorized software and even employees plugging thumb drives into USB ports to download customer data for sale to the highest bidder.


  

 Eric's Corner

Supporting Virtualization

Eric Schultze

I'm really excited to talk about one of our upcoming features — specifically, support for Virtualization.

Shavlik already supports patch and configuration management for virtual systems on your network. A running virtual system is just like a real system to Shavlik NetChk Protect and NetChk Compliance. You can scan and patch these virtual systems today to ensure that your running VMs are protected.

Now Shavlik is taking things to the next level. Upcoming releases of Shavlik NetChk Protect will enable you to scan and patch OFFLINE virtual images. Offline images are those that aren't currently powered on. You may have hundreds of offline virtual images in your VM repository — these VMs are powered on for hours or days and may be powered off again until the next month when they are needed. It's important to ensure that these systems are patched as soon as they are brought online, else you place your network at risk from these unpatched systems.


  

 Subscription

Privacy Policy
Enter your email address.


Add Remove
 

 Reader Survey

“The Academy” is a Web site supporting the security community with video-based instruction on how to install, configure and troubleshoot some of today's most popular security technologies. Visit the site at: www.theacademy.ca
  

 Spotlight

President and CEO Mark Shavlik's Computer
Security Blog
  

Partners

Shavlik Technologies Teams with Virteva:


 

 Resources

Shavlik Forums

PatchManagement.org

ISSA

SANS

Computer Security Institute
  

 Archives
Spring 2009
March 2009
Vol. 1 Issue 62
Issue 46
October 2008
Vol. 1 Issue 46
Issue 45
July 2008
Vol. 1 Issue 45
Issue 43
January 2008
Vol. 4 Issue 3
Issue 42
October 2007
Vol. 4 Issue 2
Issue 41
July 2007
Vol. 4 Issue 1
Issue 40
April 2007
Vol. 4 Issue 0
Issue 39
January 2007
Vol. 3 Issue 9
Issue 38
October 2006
Vol. 1 Issue 38
Issue 37
September 2006
Vol. 1 Issue 37
Issue 36
August 2006
Vol. 1 Issue 36
Issue 35
July 2006
Vol. 1 Issue 35
Issue 34
June 2006
Vol. 1 Issue 34
Issue 33
May 2006
Vol. 1 Issue 33
Issue 32
April 2006
Vol. 1 Issue 32
Issue 31
March 2006
Vol. 1 Issue 31
Issue 30
February 2006
Vol. 1 Issue 30
Issue 29
January 2006
Vol. 1 Issue 29
Issue 28
December 2005
Vol. 1 Issue 28
Issue 27
November 2005
Vol. 1 Issue 27
Issue 26
October 2005
Vol. 1 Issue 26
Issue 25
September 2005
Vol. 1 Issue 25
Issue 24
August 2005
Vol. 1 Issue 24
Issue 23
July 2005
Vol. 1 Issue 23
Issue 22
June 2005
Vol. 1 Issue 22

[MORE]

 Featured Case Study

How to Ensure 5,000 Computers Stay Patched and Healthy in Just a Few Days

CDW, a large technology provider, turned to Shavlik Technologies and deployed NetChk Protect. A simple install resulted in peace of mind, and immediate, advanced reporting provided a more accurate view of CDW’s overall security posture. Read More


  

 Complimentary White Papers

Creating a Secure Base in a Virtual World

Virtualization is a booming trend because of substantial operational savings. With the right security infrastructure, an improved level of security can result.

Download this complimentary white paper

Shavlik Security Suite for PCI DSS Requirements

PCI compliance is not an option — it is a mandate. Whether you’re a company processing, storing or transmitting credit card/debit payments, a retail merchant or a financial institution, you are an organization required to meet PCI industry standards by securing your network. Learn more about these requirements, penalties and Shavlik Security Suite that ensures compliance.

Download this complimentary white paper

Federal Desktop Core Configuration Compliance

The only practical way to achieve and sustain FDCC compliance is an automated compliance management system — one that enforces a “gold standard” set of policies by constantly monitoring all network machines for compliance and automatically fixes problems. Learn more:

Download this complimentary white paper
  

 Announcement

Coming Soon! Shavlik NetChk Compliance 3.1

Shavlik releases NetChk Compliance 3.1 later this quarter with additional custom and built-in checks for enhanced coverage of industry standard frameworks such as PCI DSS, ISO 27002 and SOX. The additional checks include User Rights, File and Directory ACLs. The NetChk Compliance 3.1 SCAP Edition will also include the capability to automatically ingest information in the SCAP protocol and process it into checks that can be used by the Compliance assessment and remediation engine. The checks will be used to determine compliance with the FDCC requirements. Learn More
  

 Shavlik Product Tips and Tricks

Shavlik NetChk Compliance Tips:

If you are scanning against SQL Servers, disable the password check so accounts are not locked out during a scan.

Two more Shavlik NetChk Compliance tips

Shavlik Security Intelligence Tips:

When creating pie charts, make sure to create them vertically and not horizontally. This will give you one pie chart instead of multiple charts.

Two more Shavlik Security Intelligence tips

Shavlik NetChk Protect Tips:

You can use Patch Groups to automate Scanning and Deployment to your machines. Creating a Patch Group and selecting only patches that are approved for deployment lets you schedule scans that recur on a regular basis. You’ll have confidence that only approved patches are deployed. As new patches are released, you can easily add them to your Patch Group when they have been tested and approved.

Two more Shavlik NetChk Protect tips
  

 Upcoming Training Opportunities

Complimentary Security Webinars

Shavlik provides on-going education in the enterprise network security industry. Our Webinar training provides a solid foundation concerning a variety of subjects and product solutions.

  • Getting Started: Shavlik NetChk Protect — 45 minutes of learning how to maximize network security. Register

  • Advanced Training: Shavlik NetChk Protect — 90 minute product demo Webinar to learn agent-based architecture, distribution servers and console configurations. Register

  • Minimize the Impact of Patch Tuesday — Learn which patches are critical to your environment and how to test and deploy them quickly. Register

Patch Management Classroom Training Course

Two days of in-depth training to help you maximize your IT investment. Hands-on lecture/lab style course helps you understand, deploy and successfully use Shavlik’s NetChk Protect. Register
  

 Shavlik Forum

The Shavlik Forum provides product information, FAQs and technical support for Shavlik’s Security Suite of solutions. Top recent Forum posts of note include:

Shavlik and Virtualization
http://forum.shavlik.com/viewtopic.php?t=5730

NetChk Protect 6.0 Change Impacting Patch Groups and Patch Types
http://forum.shavlik.com/viewtopic.php?t=5755

Q&A from the NetChk Protect 6.0 Training Webinar
http://forum.shavlik.com/viewtopic.php?t=5668

To view all posts on the Shavlik Forum visit http://forum.shavlik.com/
  
Shavlik Footer
about shavlik / careers / contact us / international     
     INFORMATION RISK MANAGEMENT     SECURITY PRODUCT     SUPPORT     PARTNERS     NEWS
Sponsored by Shavlik Technologies
Copyright © 2008 InternetVIZ, LLC. All rights reserved.
 		[ Tell a Colleague ]
Powered by IMN