Patch Management Software Architecture
The PatchQuest patch management software comprises a
four-stage, distributed architecture. Four primary
components constitute the setup:
- External Patch Crawler
- Central Patch Repository
- Server Component
- Agent Component

External Patch Crawler
The External Patch Crawler resides at the AdventNet site
and repeatedly probes the internet to draw vulnerability information
from various security sources: mainly advisories from the
RedHat Network and Debian websites, bulletins from the Microsoft
website, and other sources of vulnerability information such as
CVE and Bugtraq.
Patch download, assessment of patch authenticity, and testing
for functional correctness are also carried out at this site.
The final analysis and data are correlated to obtain a consolidated
vulnerability database, which serves as a baseline for vulnerability
assessment in the enterprise. The modified vulnerability database
is then published to the Central Patch Repository for further
use. Information gathering and patch analysis happen regularly,
and the latest vulnerability database is published every time
a patch or set of patches is released by the vendors.

Central Patch Repository
The Central Patch Repository is a portal on the AdventNet
site that hosts the latest vulnerability database, published
after a thorough analysis. This database is made available for
download by the PatchQuest Server at the customer site, and
provides the information required for patch scanning and
installation.

Patch Management Software Server Component
The PatchQuest Server is located at the enterprise (customer
site) and subscribes to the Central Patch Repository to periodically
download the vulnerability database. It scans the devices
in the heterogeneous enterprise network, either by remote scanning
or in conjunction with the PatchQuest Agent, checks for missing
and available patches against the comprehensive vulnerability
database, downloads and deploys missing patches and service
packs, and generates reports to help manage the patch management
process in your enterprise. All these actions can be initiated
from a universally accessible, web-based administration console
in a few simple clicks.

Patch Management Software Agent Component
The PatchQuest Agent is lightweight software that is installed
on a target machine. It acts as a worker that carries out the
patch management operations as instructed by the PatchQuest
Server. The agent-based mode of patch management is an option
that you can adopt based on your enterprise network infrastructure
set-up and requirements. It is an optional component of the
patch management software that can be employed on target
machines that are locked down or behind a firewall, or to
manage systems in remote geographical locations where
a dedicated network tunnel is not feasible (HTTPS mode).