A day in the life of a Shavlik Administrator

We recently caught up with Randy Bowman to learn more about how Shavlik helps him in his role as network engineer for the Presbyterian Church of the USA in Louisville, Kentucky.

The Details:

The System: The Presbyterian Church of USA licenses Shavlik for 50 servers with 450 endpoints disbursed in Louisville and Stone Point, New York.

The Team:  Consists of a two member networking team that takes care of the servers and server patching on a monthly basis as well as a team member that administers desktop support.  The desktop team member also takes care of patching the individual computers, which frees up network staff.

Q: Shavlik: What motivated you to look for a security solution?

A: Randy Bowman: About 8 years ago I came on board after some significant staffing changes.  For practical reasons we did not have very much available in the way of documentation.   We had to make up for lost time in our patching and we ended up getting a virus.  The result was that we were down for three days.

Q: Shavlik: How did you come to use Shavlik?

A: Randy Bowman: One thing I took on as legacy software was UpdateEXPERT (Shavlik acquired UpdateEXPERT in 2007). From there it was an easy transition to Shavlik Protect.  We find it makes things a lot simpler for us.  It allows us to patch several servers at one time and patch them in the evening when they are free of traffic.  We have the flexibility to reboot the servers or do them manually. If the server is open we can throw on the patching right then and there and have it reboot.

Q: Shavlik: What made Shavlik so appealing?

A: Randy Bowman: Time savings. Being able to quickly implement the patches and download them when they come on Patch Tuesday is a huge benefit. We usually wait until Friday or wait for a notification from Shavlik saying it’s okay for the patches to be installed. Here we’ve got 50 plus servers.   I can patch half one night and half the next night, and that would be the first patch. Even if it takes two passes to go through and get a server completely patched, it still saves us time. We are patched in less than a week, where before we would have to do some even manually. Patching is a piece of cake really. In comparison to what we’ve had before, it saves us so much time. Another thing is, if there’s an agent that needs to be on the server like if you brought a new server out, even if it’s just a test server, you can open Shavlik and tell it to push the new agent and BOOM it’s done. 

Q: Shavlik: Once you chose to use Shavlik, how long did it take you to get up and running?

A: Randy Bowman: In 2 days we had it going. It actually would have taken 1 day but we were having some separate technical issues with the servers that caused delays.

Q: Shavlik: For this installation, did you have people helping you or was it just plug-and-play?

A: Randy Bowman: It was plug-and-play, more or less. A fellow network engineer did the last upgrade to 9.0. He was on the phone with support and got it done in an hour.

Q: Shavlik: What is your favorite Shavlik feature?

A: Randy Bowman: I like how you can go through and scan the machines in a machine group and it will tell you how many patches are missing. You can run the report and in 5 minutes you’ve got results emailed to you about what patches are missing. When it comes to critical security patches, we sat down years ago and decided this is what we need. It’s easy for Shavlik to go through and look for these and let us know what’s patched and what’s not, and if it’s critical or not.

December Patch Tuesday Advanced Notification

Microsoft has announced this month’s Patch Tuesday release.  There are 11 total patches – 5 Critical and 6 Important – expected to be released on Tuesday, December 10. Here is the breakdown for this month:

Security Bulletins:

  • Five bulletins are rated as Critical.
  • Six bulletins are rated as Important.

Vulnerability Impact:

  • Six bulletins address vulnerabilities that could allow Remote Code Execution.
  • One bulletin addresses a vulnerability that could lead to Information Disclosure.
  • Three bulletins address vulnerability that could allow Elevation of Privileges.
  • One bulletin addresses a vulnerability which could lead to a Security Feature Bypass.

Affected Products:

  • All supported Windows operating systems
  • All versions of Office
  • Office Web Apps 2013
  • Lync 2010 and 2013
  • SharePoint Server 2010 and 2013
  • Exchange Server 2007, 2010, and 2013
  • ASP.NET SignalR
  • Visual Studio Team Foundation Server

If all expected bulletins are released on Tuesday, Microsoft will close 2013 having released 23 more patch day bulletins than in 2012 and six more than in 2011.

Join us as we review the Microsoft and third-party releases for December Patch Tuesday in our next monthly Patch Tuesday webcast, which is scheduled for Wednesday, December 11 at 11 a.m. CST.  We will also discuss other product and patch releases since the November Patch Tuesday.

You can register for the Patch Tuesday webinar here.

 

Happy Thanksgiving from the Shavlik Team

The holiday season is upon us and 2013 is nearly over!  As in all things it is good to take time and reflect on what we have accomplished and what we are thankful for.  The Shavlik Team would like to share what we are thankful for.

GrandBabies

 

Harriet in our Finance Team says “I am especially thankful for my two new grandchildren.  They were born 11 weeks early.  The compassion and support from my coworkers made the struggles, we as a family had to deal with so much easier.  I work with so many wonderful people who really do care about people and their hardships.”

Bob

 

 

 

Bob in Sales says “I’m thankful for a great Dev/QA/test team that released a Rock Solid – Shavlik Protect 9.0 product!!  I’m also thankful for my awesome Partners and User Community (Customers) that recognize that Shavlik solves a complex (patching) problem with an easy to use solution, Thank you all!”

 

 

brent

 

 

 

 

 

Brent in Development says “I’m thankful for my wonderful, loving family, and how they lead by example. It’s also a pleasure to have worked with many of the same passionate coworkers for the past five years.

 

 

Nerf

 

 

 

 

 

 

Shavlik Team Members from Sales, R&D, Product Management, IT Ops, and Management are thankful for “NERF, office shenanigans, and an excellent bunch of co-workers to work and play with.”

 

 

ThePMBunch

 

 

 

The Product Management Team (Chris, Mike, Anne, and Aaron) are thankful for “All of the customers who have taken time to send us feature requests, talk to us at trade shows, join us for a conference call, allow us to come onsite and learn more about what they do and what would improve their product experience.  The time you spend helping us to understand your needs helps us to improve the experience of Shavlik Products.  Thank You!” and Aaron is especially thankful for “What does the Fox say!” (Aaron’s Fox picture was from a Halloween “What does the Fox Say?” performance).

 

 

 

 

 

Protect wins the Information Security™ Magazine and SearchSecurity.com's 2013 Readers’ Choice Award for Vulnerability Management

Thank you Shavlik users for making Shavlik Protect the Information Security ™ Magazine and SearchSecurity.com  2013 Readers’ Choice Award winner. Shavlik Protect received gold in the vulnerability management category and was among the highest scorers this year in any category.

“Shavlik is honored to receive Gold in the 2013 Readers’ Choice Awards,” said Steve Morton, Chief Marketing Officer for Shavlik. “This award not only validates the hard work of our employees but also reinforces and shows the high level of trust our clients place in us and their positive experience with Shavlik Protect.”

From all of us, thank you for this honor and more importantly, your continued confidence in and support of the Shavlik family of products.

Shavlik PAC is back!

Last week, about a dozen Shavlik Protect customers gathered in Minneapolis to rekindle the Shavlik Product Advisory Council (PAC). PAC members represent the existing user base and serve as advisers to Shavlik’s product development team.

During the two-day session, PAC members learned about Shavlik’s strategy, roadmap, and new product offerings, but more importantly, they got to share their perspectives on IT today, patch management, and the challenges they face inside and outside of Shavlik products. Their input will help shape the future of the Shavlik product line.

This first meeting focused on Shavlik Protect but future PAC meetings will expand to include users of SCUPdates, Management Intelligence, and Shavlik MDM.

Shavlik would like to extend a huge thank you to the PAC members for their participation in this event. You guys are the best!

PAC

 

(Top photo) PAC members shared their experiences and challenges both inside and outside of Shavlik products with members of the Shavlik product development team.

 

Wild game

(Bottom photo) The event wasn’t all work, though. PAC members attended a professional hockey game and saw our Minnesota Wild pull out a victory over the Carolina Hurricanes.

 

Avoid the latest Java Zero Day by upgrading to Java 7 today

If you have not ready up on the ZDNet and other posts regarding this exploit here is a link to an article talking in more depth.  If you are still on Java 6 you are vulnerable to this Java vulnerability.  Java 7 update 21 and earlier are also exposed.  There is an exploit kit available to hackers for $450 dollars.  They can purchase a way to exploit this vulnerability off the shelf.  This means it is past time to upgrade your Java runtime.

So, Shavlik Protect users, here are some easy steps to create a scan template to allow you to deployupgrade Java 7 update 25 to your machines to ensure they are up to date.

For users on Protect 9.0 the steps are as follows:

  1. Create a new Patch Group by clicking on the +New > Patch Group…
  2. Name the Patch Group “Java 7 Software Distribution”
  3. Click add and sort by QNumber column.  Select QJAVA7U25N and QJAVA7U25X64N and save the patch group.
  4. Click +New > Patch Scan Template… and name it Java 7 Software Distribution
  5. On the Filtering tab uncheck the Patch Type > Security Patches and Patch filter settings set to “Scan Selected” and click the “…” button and select the “Java 7 Software Distribution” patch group.
  6. Click on the “Software Distribution” tab and check the box to enable Software Distribution.  Save the scan template.
  7. Scan and Deploy the Java 7 update 25.

The best way to protect against this zero day is to eliminate the presence of Java 6 and this should be an easy way to do so.

Chris Goettl

 

July Patch Tuesday Advanced Notification

Microsoft announced their July 2013 advanced notification for Patch Tuesday. The July edition of Patch Tuesday will be bringing seven security bulletins. (See the Microsoft announcement here.)

Security Bulletin Breakdown:

  • 6 bulletins are rated as Critical
  • 1 bulletin are rated as Important

Vulnerability Impact:

  • 6 bulletins address vulnerabilities that could lead to Remote Code Execution
  • 1 bulletins address vulnerabilities that could lead to Elevation of Privilege

Affected Products:

  • All Internet Explorer versions
  • All supported Windows Operating Systems
  • Office 2003 SP3, Office 2007 SP3, Office 2010 SP1
  • Visual Studio 2003 SP1
  • Microsoft Silverlight 5
  • Microsoft Lync 2010 and 2013
  • Windows Defender on Windows 7 and 2008 R2

I will be going over the Microsoft and 3rd Party releases for the July Patch Tuesday in detail in our next monthly Patch Tuesday webcast, which is scheduled for Wednesday, July 10th at 11:00 a.m. CDT. I will also be reviewing other non-Microsoft releases that have occurred since the May Patch Tuesday. You can register for the Patch Tuesday webcast here.

Regards,

Chris Goettl

IE 8 patch, a plethora of 3rd party, and a product release, oh my!

Patch Tuesday +1: This morning we presented our monthly Patch Tuesday webinar.  Between Microsoft and 3rd party the Patch Tuesday bill was doubled.

Microsoft had a big release this month.  They released 10 Security Bulletins resolving 33 vulnerabilities yesterday, covering everything from the OS to Apps.   Most notable was MS13-038 which resolves the IE 8 vulnerability that is currently being exploited in the wild.  For those of you who deployed the FixIt, Microsoft is recommending that you disable it first then deploy MS13-038.  One other thing to note is that you should deploy MS13-037 as well or MS13-038 could cause compatibility issues for end users. Those are the most concerning patches from Microsoft.  To add to that we had five 3rd Party vendors releasing 8 product updates.  These covered over 50 vulnerabilities.  Theme for the month “Update your browsers and Flash”.  Mozilla had three critical product updates resolving over 15 vulnerabilities.  Google released a new version of Chrome to support a critical Flash patch.  Adobe released critical Flash, AIR, Reader, and Acrobat patches resolving over 27 vulnerabilities.

Recommendations across the board are pretty consistent.  Focus on the browsers (MS and 3rd Party) and Adobe first.   Then tackle the rest.

In other news, Shavlik has released Shavlik Protect 9.0 as our first official product launch as part of LANDesk!  For more details check out the first publication regarding the release this morning.  For details on the release check out the announcement on www.shavlik.com.  Next week we will be running a few webinars around the new features and the upgrade experience.

Chris Goettl
Shavlik Protect Team, LANDesk

LANDesk Aquires Shavlik from VMware

As many of you may now know, the Shavlik products were acquired by LANDesk.  Click here to see Steve Daly’s blog post on the acquisition.  As for the Protect products, we are currently in beta for the next release of Protect which will release in late Aprilearly May as Shavlik Protect 9.0.  The Update Catalog will be going back to the Shavlik SCUPdates branding as well.  Both products have long term plans in place and we are very excited to join the LANDesk family.

I am currently out in Las Vegas at the MMS show and we have had an exciting start to the week.  The welcome reception yesterday kept everybody in the booth very busy.  We talked to over 300 people in two and a half hours!  Current customers, partners, and those interested in the products all were interested in the news.

The Shavlik Protect 9.0 beta refresh will be beginning later this week as we wind down to RTM and GA.  It is also patch week, so for those of you who are not already registered you can click here to register for the April Patch Tuesday Webinar.  Join us tomorrow at 11am central to discuss the 9 bulletins from Microsoft and a few 3rd party patches we will be releasing later today.  We will also recap the patches released between March and April patch Tuesday.

Regards,

Chris Goettl
Shavlik Protect Team, LANDesk

 

 

 

 

April Patch Tuesday Advanced Notification

Microsoft announced their April 2013 advanced notification for Patch Tuesday.  The April edition of Patch Tuesday will be bringing nine security bulletins.

Security Bulletin Breakdown:

  • 2 bulletins are rated as Critical
  • 7 bulletins are rated as Important
  • 2 bulletins address vulnerabilities that could lead to Remote Code Execution
  • 5 bulletins address vulnerabilities that could lead to Elevation of Privilege
  • 1 bulletin addresses a vulnerability that could lead to Information Disclosure
  • 1 bulletin addresses a vulnerability that could lead to a Denial of Service attack

Affected Products:

  • All Internet Explorer versions
  • All supported Windows Operating Systems
  • InfoPath 2010 SP1
  • SharePoint Server 2010 SP1
  • Groove Server 2010 SP1
  • Office Web Apps 2010 SP1
  • SharePoint Foundation 2010 SP1
I will be going over the April Patch Tuesday patches in detail in our next monthly Patch Tuesday webcast, which is scheduled for Wednesday, April 10th at 11:00 a.m. CDT.  I will also be reviewing other non-Microsoft releases that have occurred since the March Patch Tuesday. You can register for the Patch Tuesday webcast here.
Regards,
Chris Goettl