Patching Up System Holes
Just a year earlier, Adelphia, one of the nation's largest cable-TV companies, which is looking by the end of the year to emerge from Chapter 11 bankruptcy after the SEC in 2002 charged its top executives with financial fraud, was brought to its knees by the Sobig and Blaster worms. "It shut down two of our call centers for a good day and affected many of our regional offices," Constable says. "We couldn't communicate over the network for half-day intervals."
Back then, the timing couldn't have been worse. Adelphia was in the middle of an Active Directory rollout. When the attacks hit, the company's access-control lists weren't current, making it difficult to update the desktops.
So what was different this year? Why did the January '04 attack leave Adelphia relatively unscathed, even though MyDoom was one of the most destructive worms ever unleashed on the Internet? In a word (or three), patch-management software.
After witnessing the battering Adelphia took from last year's viruses and worms, the company's IT team opted for a proactive approach to protection. They installed patch-management software from solution provider Network America as a key tool in strengthening Adelphia's system's resistance to worms.
Patch-management software automates the distribution of software updates from multiple-system and application providers to a customer's PCs and servers throughout the enterprise. It's becoming a popular way to address the release of software updates, and for two main reasons. First, patch-management software automates the process of retrieving patches from any number of vendors. Second, it both authenticates the patches and ensures they are appropriately distributed to all desktops and servers. Patch-management tools also meet a growing demand for an automated, reliable approach to downloading and implementing software updates across distributed computers. This customer demand is being driven by vendors' releasing a growing number of patches at both the operating system and applications levels.
Easy Seller
Several solution providers have found patch management to be a lucrative way to help customers secure their systems at the device level. Network America, the Clearwater, Fla., solution provider that sold and installed Adelphia's patch-management tool, provided LANDesk Patch Manager, a module of LANDesk Software's overall desktop and server-management suite. Joe Meier, CEO of Network America, says patch-management software is becoming an attractive add-on. "There's huge demand," Meier says. "It's one of the easiest add-on modules to sell because it addresses a pain point."
LANDesk Software is just one of several vendors that offer patch-management tools. Two others that supply solution provider Network America are Altiris and Symantec. Other vendors known for their patch-management tools include Marimba, Opsware and Veritas. Microsoft's SMS tool is widely used, too, but it's limited to the Windows environment.
Hewlett-Packard is also getting involved with patch-management tools. HP recently announced that it will acquire Novadigm and Consera, two vendors whose products have the ability to perform patch management. HP plans to integrate their products into its OpenView systems-management suite. The planned acquisitions are key to HP's Adaptive Enterprise initiative in the area of addressing overall change management in IT environments.
Dynamic Duo
In Adelphia's case, although there were plenty of vendors to consider for patch-management software, in the end it came down to just two. During testing, several of the other patch-management products ran into complications. The two that ran smoothly were LANDesk Patch Manager and patch management software from Marimba. Ultimately, Adelphia chose LANDesk for its ability to support locations with links as low as 64 KB. "We were looking for a targeted multicast," Constable explains.
Marimba officials say the company's latest release, available as part of the company's new Marimba 6 suite or as a separate product, provides a more scalable patch-management solution. (Adelphia evaluated an earlier release.) Purnima Padmanabhan, Marimba's director of product management, says its new patch manager is integrated with the company's software-distribution platform and can handle thousands of patches with any number of client and server associations. "We have the built-in intelligence to automatically apply the right patch in the right order," Padmanabhan says.
Automating the installation of software patches made Adelphia's 435 remote locations much less vulnerable to worms and viruses. But Constable and his team still weren't fully satisfied. So they further bolstered their patch-management system with software from Internet Security Systems. That software, supplied by Secure Network Technologies of Syracuse, N.Y., first provides real-time reports on the impact of any worms and viruses, then isolates the impact of any hostile software that actually enters a system. If a company's PCs are under attack, the scanning software will tell the administrator exactly where in the network the attack is coming from, and what type of attack it is.
Why did Adelphia need further protection? Because there is often a gap of hours, days or even weeks between the time hackers first attack a software system and when software vendors finally supply patches to stop them. It's during that gap that most of the damage will occur. Constable's team hopes that its two-pronged approach--patch-management plus the ISS software--will help make the company's systems almost totally hacker-proof.
Of course, Adelphia's patch-management and ISS solutions don't replace the need or benefit of firewalls and antivirus software. Rather, patch management and real-time scanning can minimize the impact of those intruders.
Nothing in this wired age is foolproof. But Adelphia and others find that patch-management software moves them closer to true security at the desktop--and sitting pretty.
Virus-Free Since 2003
Another company using patch-management software to take a proactive stance against worms like MyDoom is Farm Credit Services of America in Omaha, Neb. Like Adelphia, Farm Credit is also a customer of solution provider Network America, and like Adelphia it also uses patch-management modules from LANDesk. Since deploying the software in late 2002, Farm Credit officials say they have yet to be affected by a single worm. "We never had a virus in all of 2003," boasts Pete Maudlin, PC integration specialist at Farm Credit. "It was all due to taking preventative measures."
Farm Credit officials acknowledge that patch management is only part of an overall antihacker protection strategy. "Patch management isn't the only thing we are doing to shield ourselves," Maudlin says. "Instead, it's a conglomeration of all the things we've done together that have provided success."
In fact, three other key elements in Farm Credit's war against virus- and worm-spreading hackers are its firewalls, Symantec's Norton Antivirus software, and spam-blocking appliances from Neoteris. Still, Maudlin says its patch-management software is critical. Should a worm or virus get through, the software ensures that specific vulnerabilities across the enterprise will be protected.