Third Party Patching — Why Virtual Patch Emulation is the Host-est with the Most-est…
All this hubbub about third party patching is enough to make one cross-eyed…(read on for the ironic analog)
I’ve written about this twice before…once last month here and the original post from my prior blog written over a year ago! It’s a different approach (that inevitably and incorrectly gets called an IPS) to solving the patching dilemma — by not touching the host but instead performing virtualized patch emulation in real-time via the network.
Specifically I make reference to a product and service from Blue Lane technologies (the PatchPoint gateway) which so very elegantly provides a layer of protection that is a NETWORK-BASED third party patching solution.
You don’t have to touch the host — no rediculous rush to apply patches that might introduce more operational risk in the hurry to patch them than the risk imposed by the likelihood of the vulnerability being exploited…
You can deploy the virtual (third party) patch and THEN execute your rational and controlled approach towards regression testing those servers you’re about to add software to…
Rather than re-hash the obvious and get Alan Shimel designing book covers to attack my post like he did with Ross Brown from eEye (very cool, Shimmy!) you can just read the premise based upon the link above in the first sentence.
I don’t own any Blue Lane stock but I did happen to buy one of the first of their magical boxes 2 years ago and it saved my ass on many occasion. Patch Tuesday become a non-event (when combined with the use of Skybox’s amazing risk management toolset…another post.)
Keep your mitts off my servers….
http://www.networkcomputing.com/showArticle.jhtml…
Blue Lane CEO interviewed in 11/23/06 Network Computing….
http://www.infoworld.com/article/06/11/30/49TCblu…
Infoworld's Roger Grimes reviews Blue Lane's PatchPoint
InfoWorld names Blue Lane Technology of the Year 2007 in Security (Vulnerability Management) http://www.infoworld.com/slideshow/2007/01/30-200…