When Patch-work Counts

Updating individual machines is easy using the native auto-update feature in Windows and Linux desktops. Managing patches and hot fixes on networks, however, requires robust management capability to ensure that all machines are properly patched so as not to pose a weak point in network security.

There are an abundance of products out there that will do the trick of patch management. Pleasanton, Calif.-based AdventNet Inc. has a product that takes patch management to another level. ManageEngine's Security Manager Plus is not only a patch management system, but it incorporates invaluable network security features. Security Manager Plus is not just about patch management, it is a vulnerability management system.

Reviewers took a look at the trial version of Security Manager Plus (SMP) Professional edition. The product comes in three versions: the standard edition includes patch management for Linux (Red Hat, Debian or CentOS) and Windows, reporting capabilities and Internet-based management; the Professional edition includes all of the above plus network vulnerability scanning and reporting, Windows file and registry change management, and PCI DSS Compliance reporting capability; and a third version, which is a free network security scanner and patch management system, will manage five nodes on a network.

SMP Professional installs a server component. Machines can be managed with or without agents.

The product is not yet compatible with Windows Server 2008. The server service would not start up on Server 2008, but installation was successful on Windows Server 2003, 64-bit.

After installing the server, the Web interface has a wizard that literally numbers the steps needed to get the product configured. The initial step to get going requires configuring proxy server, mail server and/or a trouble ticket e-mail.

Managed machines or "assets" are added by host name or by scanning an IP range. The trial version of Professional will manage only five machines, so the first five reachable devices are added.

One issue, after scanning and adding the five IPs, is that the scan process continues. There did not appear to be any way in the interface to cease the scan process. Scanning stopped once the server service was stopped and restarted again.

Next, added machines are scanned. Agentless scanning is seamless at the client end. Once the scan is complete, SMP gives detailed information about the machine—operating system, number of vulnerabilities, any open ports and number of missing patches. One machine was detected with five missing patches. A link is provided for each patch. Patches can be applied to a single machine or deployed en masse.

The Admin Console centralizes all tasks in one location. Patch Groups can be created from this location. Here is where a user can access a Vulnerability Knowledge base as well as a Patches Knowledge Base. The Patches database lists critical patches topmost. Patches can even be stored for quick deployment to a client via this interface.

There are several in-the-box reports, which are categorized as security, inventory and compliance. There is only one canned compliance report, though, which is for PCI regulations. However, custom reports can be built with the report wizard.

The default executive report gives an overview of assets in a network. Pie charts and bar graphs display a host of information, including a Total Vulnerabilities Summary, Top Open Ports Count and a table in the report detailing the prevalent vulnerabilities.

Pricing for SMP varies by version. Starting price for the Standard edition is $695. This is an annual subscription fee that will support 50 systems. Starting price for the Professional edition is also $695, which covers 25 systems.

Support for 64-bit Windows Server 2008 is currently being worked on and an update should be available in the near future, according to AdventNet. The vendor also has plans to include additional native compliance reports covering SOX and HIPAA.

For VARs in the asset management market, or for those who are security consultants, SMP is a relatively low-cost product that effectively manages updates and asset information for the enterprise.