Patch Management and
HFNetChkPro 4.0
Eric Schultze
Director of Product Development
Shavlik Technologies
[email protected]
Property of Shavlik Technologies – Confidential and Proprietary · www.shavlik.com
2
Shavlik at a Glance
 Founded in 1993, Shavlik is a privately held,
profitable, security products and consulting firm
 Mark Shavlik, founder, was an initial member of the
Windows NT development team
 Continued deep Microsoft affiliation
 Shavlik created HFNetChk and Microsoft Baseline
Security Analyzer (MBSA) for Microsoft
"The Shavlik and
Microsoft teams have
collaborated to create a
strong security solution
that will help our
customers operate more
securely.“ - Steve Lipner,
Director, Microsoft
Windows Security
 HFNetChk technology has been licensed to Microsoft for
use in MBSA and the SMS 2.0 SUS Feature Pack
 Eric Schultze, Shavlik’s R&D director, was a member of
the Microsoft Security Response Center
([email protected]), and the Microsoft Trustworthy
Computing Team
Property of Shavlik Technologies www.shavlik.com
Secure Your Vision.
3
The Patch Management
Topic
 Patches, Policies, & Push to alleviate the pain
 Shavlik helps
Property of Shavlik Technologies www.shavlik.com
 determine a patch has been released
 determine which patches are most important
 identify the machines that are in need of the
patches
 deploy the patch to remote machines
 provide reports on the state of your network health
 enable accountability for who did what and when
Secure Your Vision.
4
Shavlik HFNetChk Products
 HFNetChk.exe – Free command-line version available
from multiple download sites
 Over 4 million downloads
 HFNetChkPro (Free Version) - fully-functional
version of HFNetChkPro 4.0 with deployments to 10
machines
 Over 75,000 registered users
 HFNetChkPro 4.0– Industry-standard, agent-less
patch management solution
 Over 3,000 customers
Property of Shavlik Technologies www.shavlik.com
Secure Your Vision.
5
Shavlik’s Patch Management
Solution - HFNetChkPro
 HFNetChkPro is an agent-less patch management solution
that enables administrators to manage extensive numbers
of security patches on large networks from a central
location
 An automated, advanced patch management tool:
1. Advises on patch importance and severity using extensive
third-party information and customer information
2. Quickly identifies missing security patches within hours of
release of new security bulletins
"Patching tasks that would
take two systems
administrators the better part
of a day are now
accomplished in 30 minutes."
- Andrew Nielson, Raytheon
Technical Services.
3. Securely pushes patches to trouble spots from centralized
location as soon as an update is issued
 Provides significant time savings in dealing with the large
number of security patches system administrators must
manage
Property of Shavlik Technologies www.shavlik.com
Secure Your Vision.
6
HFNetChkPro Patch
Management Workflow Model
1. Research, Rate
and Rank
2. Test
3. Scan/Assess
4. Remediate
(manage by
patch or machine)
“HFNetChkPro 4.0 is very
intuitive, powerful and
complete. The product’s
simplicity takes a difficult and
time consuming process –
patch installation and
deployment – and turns it into
an effortless task.”
- Dan Lefebvre, senior network
administrator for Advanced
Monolithic Systems, Inc.
5. Validate
6. Report
7. Accountability
Property of Shavlik Technologies www.shavlik.com
Secure Your Vision.
7
How HFNetChk relates to
SUS and SMS Solutions
 Windows Update
 Agent-based solution for OS, IE, IIS, MDAC, JVM, etc
 SUS
 Corporate version of WindowsUpdate
 HFNetChk can assist with validation of SUS deployments and
can provide reports on current patch status (who’s patched,
who’s not)
 SMS 2.0 SUS Feature Pack
 Uses hfnetchk.exe (mbsacli.exe /hf) for assessment
function
 HFNetChkPro assists by scanning machines not managed by
SMS
Property of Shavlik Technologies www.shavlik.com
Secure Your Vision.
8
Why Shavlik?
 Commitment – work directly with the experts. We’ve hired
the best and brightest to build a superior product and offer
great support
 Knowledge management – we provide extensive information
to save research time and help you understand the
importance of each patch to your unique environment
 Third-party analysis provided real-time from TruSecure
 Includes Microsoft severity ratings, Bugtraq ID numbers and
CVE ID numbers
 Five levels of custom-criticality options allow for efficient
management of patches
 Patch and machine annotation for effective collaboration
 http://www.shavlik.com/bulletin_search.aspx
Property of Shavlik Technologies www.shavlik.com
Secure Your Vision.
9
Why Shavlik?
 Shavlik utilizes patch data from XML database –
available for anyone to view, read, or use
 Shavlik products fully support TCP/IP
 Scan by Machinename, Domainname, IP Range,
IP Address, input files, etc.
 HFNetChkPro 4.0 offers robust support for batch
scripting and custom command lines. It also
supports database output and history creation
Property of Shavlik Technologies www.shavlik.com
Secure Your Vision.
10
Why Shavlik?
 HFNetChkPro 4.0 provides extensive accountability
and patch management assurance
 HFNetChkPro 4.0 reports on the state of your
network health
 Complete patch management history stored in an
open SQL Server database that you can extend with
your own reports
 Our solution automatically monitors compliance with
patch management policies
Property of Shavlik Technologies www.shavlik.com
Secure Your Vision.
11
Financial Impact
 HFNetChkPro 4.0 customers are experiencing drastic reductions in
the time it takes to get patched:
"We are extremely impressed with the improvements HFNetChkPro
4.0 brings to our patch management process. Previously, patching
servers and workstations had been sporadic with unreliable results,
and tracking the patching process was impossible. Patch
management was taking us over 20 hours a week.
With Shavlik’s new HFNetChkPro 4.0, that work is done in
just a few hours a week, and the results are more reliable. Also,
the ability to provide comprehensive reports and executive
summaries to our CIO saves our administrators significant time
tracking and answering questions about progress against our patch
management goals.”
- Jay Winks, systems specialist with Teksouth Corporation
Property of Shavlik Technologies www.shavlik.com
Secure Your Vision.
12
On the Horizon
 FASTER
 Support for German, French, and Japanese
patches
 Total control over reboot options
 Enhanced Support for Office patches
 Agents
 Charts / Graphs and Executive Reports
 Support for Unix and Linux patches
Property of Shavlik Technologies www.shavlik.com
Secure Your Vision.
13
Contact Information
 Eric Schultze
[email protected]
651-426-6624
Property of Shavlik Technologies www.shavlik.com
Secure Your Vision.