Review: Patch Management Solution Offers VARs Recurring Income
That situation spawned companies such as Patchlink, which brings a centralized, managed patching process to heterogeneous networks. The Scottsdale, Ariz.-based vendor's latest product, Patchlink Update Version 6.3, brings new features to the patch management space and can help Patchlink build up its channel program by providing a much-needed solution that can boost partners' profits.
For VARs looking to sell patch management products, one question remains: Who will buy patch management solutions if most of today's products already include auto patching capabilities? The answer: most any enterprise.
Free or bundled patching tools included with software are minimally effective at best. Bundled tools are usually for a single vendor's products, and the tools offer little accountability. Also, many of the bundled tools lack auditing and management capabilities.
Multiply those problems by the dozens of mission-critical applications found in today's enterprises, and you have a recipe for disaster. Administrators won't know what the latest patches are and who patched what and when. The hours wasted tracking down that information could be costly and impact network support. What's more, given today's regulatory compliance demands, not unifying patch management could be a poor business decision at best or an avenue to fines and legal problems at worst.
Patchlink Update 6.3 addresses those thorny issues. The product centralizes the patching process for companies ranging from a few nodes to a few hundred nodes. Out of the box, it offers patching capabilities for more than 40 products. Most major software vendors are covered by Patchlink's processes, and VARs will find support for Windows, Linux, Unix, Macintosh and Novell operating systems, along with support for various other software and hardware products.
Patchlink Update 6.3 installs on a Microsoft Windows Server 2003 system and requires Microsoft SQL Server 2005 along with the Microsoft .Net Framework. The product works as a client/server application and requires a client component, or agent, installed on the systems to be managed. Patchlink includes agents for Macintosh, HP-UX, AIX, Windows 98/NT/2000/XP/Server, Netware, SUSE Linux, Red Hat Linux and Sun Solaris.
Once installed, Patchlink Update functions constantly, monitoring client systems and communicating with Patchlink's Web-based update service. On a daily basis, PatchLink checks major software vendors for new vulnerabilities. When a vendor releases a patch, PatchLink creates a digital fingerprint package that identifies the unique characteristics of each patch, such as applicable operating systems and file attributes.
PatchLink then pretests each patch package on its appropriate operating systems and languages for quality assurance and, if all is well, releases the patch into the PatchLink Repository. The content is securely delivered to the PatchLink Update server via a 128-bit encrypted VeriSign trusted connection, along with RSA BSAFE encryption. Once the patch is delivered, the system administrator simply schedules the deployment of patch packages to all applicable devices on the network. Administrators have full control of the patching process based on predefined groups and baseline security policies. All of this is accomplished via the Web using standard HTTP or HTTPS protocols over Port 80 or Port 443, and it's domain- and directory-independent.
Solution providers will find Patchlink Update 6.3 easy to install and use. It features a browser-based management console, which can be used to quickly define policies and groups. Groups can be based on almost any factor, ranging from location to software types. Policies can be defined for when patches are deployed and which systems get patches. That proves to be a handy method for controlling the patching process on occasionally attached systems, such as notebook PCs or VPN-enabled endpoints.
Keeping deployment simple is a key focus of Patchlink Update. Tools are included to inventory the current network-attached devices, and a deployment wizard simplifies and automates agent distribution. Those features allow the product to be implemented in minutes across an enterprise.
Administrators will follow a basic formula for using the product. First there will be a vulnerability discovery phase, followed by agent deployment and a remediation phase, where patches are pushed to the client systems. The product then monitors and deploys patches.
Automated alerts and comprehensive reports help keep administrators on top of the patching process. A subscription service creates ongoing revenue for Patchlink VAR partners while providing product updates for end users. Auditing and troubleshooting chores are well -represented by Patchlink Update's reporting engine, which offers user-defined and canned reports to meet most any need. An important component of the reporting module is validation, where administrators can build reports showing the successful patch deployment.
Administrators also can delay patches or relegate the patching process to the off hours by defining agent availability schedules. That capability proves to be a valuable tool for throttling bandwidth. And because of Patchlink Update's HTTP-based functionality, client/server methodology, and powerful group and policy definitions, solution providers can create a managed service for smaller customers by hosting the patching server and deploying agents to their networks.
On the channel front, Patchlink is seeking new partners and aims to increase its channel sales beyond the current 50 percent of total sales. To that end, the company is lowering the point of entry for its partner program by offering simplified training, enhanced support and ongoing revenue in the form of subscriptions. There's no cost to enter the partner program, and Patchlink is shifting its product line to include more comprehensive security tools beyond patch management.
A simplified channel program paired with a product that brings ease of use to a complex situation is a surefire way to lure partners. Add to that good margins, relationship-building tools and recurrent revenue, and you have what may be an ideal partner program for VARs looking to enter the security market.