Shavlik Technologies Inc. is rolling out a Web-based patch management service that can asses a company's systems, provide IT management capabilities and deploy patches via a Web browser.
Analysts say Web-based patch management systems are part of an industry shift with vulnerability management and other security features slowly moving away from on-premise models to Web-based services that can provide near real-time vulnerability information.
Roseville, Minn.-based Shavlik is offering the service as a stripped down version of its patch management, IT management and virtual machine management tools. The slimmed down service is limited to patch management and asset inventory. The firm's on-premise software includes more robust capabilities, including antivirus, power management and configuration management features.
The company is launching PatchCloud, which can examine systems and distribute patches using endpoint agents and third-party platform integrations. Like the on-premise software, PatchCloud integrates with Microsoft's System Center Configuration Manager (SCCM) and VMware's Update Manager. The vendor said the service can deploy patches to the endpoint in minutes.
The vendor also intends to use the service to collect information on users and develop an intelligence database on patching information and other data. The patch data can be used to speed the deployment of patches for Microsoft and third-party applications. Also incorporated is the company's NetPt agent which can send data and policy updates to mobile devices from NetChk Protect, the vendor's on premise management software.
Shavlik is also launching OpsCloud as part of the service. The application will use information from PatchCloud to offer partner applications for the management of virtual environments and Web-based applications. The service will offer IT management applications and integrate services from third-party providers. Shavlik said it would be rolling out antimalware capabilities, remote help, and help desk functionality.
Vulnerability management in the cloud
The industry trend is to provide real-time checking, said Chris Christiansen, an analyst and program vice president for security products and services at Framingham, Mass.-based IDC. Christiansen said Shavlik and other vendors are expediting the patching process and integrating real-time threat intelligence to provide more than just patch management capabilities.
"It's no longer a matter of looking at a signature file that may be less than current," Christiansen said. "In a lot of cases, Web-based information provides not only signatures but guidance on what trends have been seen, what the threat patterns are and the likelihood of being the target of an attack."
Vulnerability and patch management capabilities have been slowly migrating to cloud-based services. In April, Webroot Software Inc. added vulnerability scanning to its cloud-based Web security service. The vendor's service uses the National Institute of Standards and Technology (NIST) National Vulnerability Database to assess applications to identify missing patches. Security and compliance auditing vendor nCircle Network Security Inc. sells a cloud-based virtualized appliance that assesses a company's network from the outside to get a handle on Web application vulnerabilities and configuration issues that could potentially increase risk.
Vulnerability management vendor Qualys Inc. launched a similar Software-as-a-Service (SaaS) model in March. The company's cloud-based software services include static analysis and behavioral analysis tools that conduct malware detection and removal. Meanwhile, Lumension Security Inc., another Shavlik competitor, offers a Web-based endpoint protection service that includes security configuration, vulnerability and patch management capabilities. The company extended its service to Citrix Systems customers in March.
For now, Shavlik is targeting small and midsized businesses with its Web-based model. It's a market segment that is in dire need of better patch and threat management capabilities, Christiansen said. SMBs are very dependent on the Web and use it to establish a global presence. At the same time, cybercriminals are taking an interest in them, Christiansen said.
"There's anecdotal evidence that SMB companies are less protective than larger companies and their security policies tend to be more lax," he said. "At the same time, SBMs still contain a huge amount of information and they're also a good source for setting up botnets or a platform for attacks on other targets."
Despite patch deployment improvements by independent software vendors, patch management capabilities will remain an important component within enterprises. Patch management systems help coordinate patching, provide a logging and reporting system for auditors and can give IT broader visibility into what systems need attention. It also helps avoid disruptions caused by bad patches or fixes that don't integrate properly with a specific configuration.
"We're giving small and midsized businesses an opportunity to have an IT administrator in the cloud," said Shavlik Technologies CEO, Mark Shavlik. "It's an approach that I think will offer a very appealing value proposition."