Viva VMworld 2018! And for My Next Magic Trick…
It is time once again to venture down to Las Vegas. Maybe it will be to see Elvis and all your favorite superheroes ready to pose for pictures in front of the Bellagio. Or to catch a Cirque show or Michael Jackson One. Or maybe to chase lady luck down at the tables and slot machines.
For myself, I will be headed to the Mandalay Bay to attend VMworld 2018!
Ivanti will be at the show in booth #2839 bringing the only agentless patch management solution on the market to the data center admins who need it! It really is kind of like a magic show. We can connect to your vSphere environment, discover your virtual machines, assess them, and deliver OS and application updates, all without having to run an agent on a single virtual machine.
Doesn’t sound so hard? Well, what if I told you we can assess the VM even if it is offline? Just a virtual disk. Not powered on. Still not impressed??? How about patching your templates—from offline assessment to copying the packages to the virtual disk, taking a snapshot before executing updates, converting the template to a VM, disabling the NIC, booting the VM, executing the patches, rebooting to finalize install, then restoring back to its original state as a template ready to go for your next server build?
Ivanti Patch for Windows
For those of you who know Ivanti Patch for Windows (fka Shavlik Protect), you know what we can do, as we have been performing this trick for many years now. And, like so many long-running Vegas shows, it is a classic that never gets old. That said, though, we still wanted to bring you something new. A little extra wow factor!
Ivanti Security Controls Sneak Peek
So this year, just to spice things up, we have a new trick we will be unveiling at the show. We are going to give you a sneak peek at Ivanti Security Controls. This is a new evolution of Ivanti Patch for Windows that is currently under development, and we are bringing a build to VMworld to show you all of the cool new things it can do.
For any of you who are a fan of AppSense, the privilege management and application control capabilities are now integrated into the same agent as our Windows patch engine. We will show you how easily you can create a policy to manage patching, application control, and privilege management from a single agent. But that isn’t the cool new trick I was eluding to. We will also be showing you how we can take a vulnerability assessment from whatever vendor you are using—Rapid 7, Tenable, Qualys, BeyondTrust, it doesn’t matter—find all of the patches that relate to those CVEs, and build a patch group of updates that you can quickly approve for remediation in your environment!
Gartner Security Operations and Vulnerability Primer
For those of you who have been keeping up with your Gartner rhetoric and read this year’s “Security Operations and Vulnerability Management Primer for 2018” that was published in early February this year, you know how critical it is that every IT organization close gaps more quickly and efficiently. In the primer, Gartner states, “Vulnerability remediation is an essential operational capability that requires the IT security team's coordination and cooperation with IT operations and a supporting set of IT operations tools and technologies.”
In other words Security and Operations have to play nice together, and more important, their respective tools (vulnerability assessment and patch management) have to play nice together. As Gartner notes, “Success requires coordination between IT security and IT operations on a number of parameters (such as prioritization of vulnerabilities, providing actionable recommendations and removing false positives).”
Get the Security Guys off Your Back With Ivanti
The next time the security team generates the list of vulnerabilities that need to be remediated, would you like to sigh, roll your eyes, and make faces and rude gestures as the security analyst leaves your cube? Or would you like to smile, tell them “null sweat chummer,” and give them a wink? I can assure you the latter will be far easier on your blood pressure, far more confusing for them (especially if they are not a Shadowrun fan), and far more entertaining for you. Take that vulnerability report and import it into Patch for Windows and in just a few minutes you will have a list of all of the software titles you need to update to get those @#$% security guys off your back! Yes, I said minutes. Not hours, not days. Minutes.
Don’t believe me? I guess you will just have to come to the Mandalay Bay in Vegas, August 26 to 30, stop in to booth #2839 and call me out! And I just might show you this cool new magic trick that can take hours off tedious deduplication of CVEs and time-consuming mapping to what software updates need to be installed to resolve them. And if you go to any vulnerability vendor at the show and get them to give you a sample report, you can bring that to me and I can import it as well!
See you in Las Vegas!