Raven Services UpdateDecember 2003

David Wallis

Senior Systems Consultant

Raven Computers Ltd

Agenda

• Windows Patch Management– What are patches and why do we need them?– Windows Update– Software Update Services (SUS)– Raven Update Service

• Raven Backup Validation Service

• Disaster Recovery/Business Continuity Planning

What are Patches

• Also known as Hotfixes

• Modifications to the original program code, normally to fix a problem or vulnerability

• Quick Fix Engineering – QFE

• Not normally tested as thoroughly as normal software– May introduce new problems

Worms and Vulnerabilities

• Windows 2000 contains over 30 Million lines of code – Mistakes are inevitable

• Bugs may be discovered and exploited– Buffer Overflows

• Worms– Programs are written to automate the exploitation of

the bug– Like Virus’s but may not require you to open them– Can spread very quickly, causing havoc– Blaster, Nimda, SOBig

Types of patch

• Critical Security fixes– Created in direct response to a newly

discovered threat– Must be applied quickly to protect against

worms written to exploit the vulnerability– Time to release is very short, so testing is

“Rapid”– Should almost always be applied if they are

relevant to your setup

Types of patch

• Non-Critical Updates– Created to fix specific bugs or to enhance

functionality– Should only be applied if the particular

problem affects your computer– Can be more thoroughly tested before release

Types of patch

• Service Packs– Combination of several hotfixes and updates– Thoroughly tested in a wide range of

environments before release– Form a new baseline for the product against

which future software will be tested– Should be applied when deemed stable

Windows Update

• Built into Windows 98, Me, 2000 and XP

• Visit web page to determine what patches should be applied

• Tries to only propose relevant patches

• Must be run manually from each computer

• Linked from start menu – www.windowsupdate.com

Automatic Update Agent

• Introduced with Windows XP SP1 and Win2k SP4

• Available as a download for Win2k SP3• Automates download of critical security patches• Can automatically apply and restart computer• Can wait for approval before applying• Each computer operates separately and fetches

its own updates

Software Update Services - SUS

• Your own Windows Update server

• Runs on a server on your site

• Integrates into IIS

• Administrator approves and downloads patches

• Client agent on PCs installs approved updates from SUS server

• Can be managed through Group Policy

Microsoft Software Update Services (SUS)

WorkstationWorkstation

Laptop Laptop

SUS Server

Internet

Firewall

LAN

AdminstratorApproves Updates

SUS Client Agent

• Built into Windows XP SP1 and Win2k SP4

• Can be managed and deployed through Active Directory Group Policy

• Machines can be told to install patches at specified times

• Machines can be told to reboot at specified times if they are left on

SUS Requirements

• Runs on Windows 2000 SP3 or later, or Windows 2003 Server running IIS

• Client PCs must run Windows 2000 SP3 or later, or Windows XP– Windows 9x not supported

• Installs IISLockdown, so may interfere with some Intranets

• Administrator must manually approve each update

• Typical Installation time around ½ day. May vary on some sites

SUS Capabilities

• SUS can apply all Windows critical security updates and can now deploy service packs to Windows 2000 and Windows XP

• Next version (due Q2 2004) will allow security patches for Office, Exchange Server and SQL Server to be automatically deployed too

Raven Update Services

Internet

WorkstationWorkstation

Laptop Laptop

SUS Server

Firewall

LAN

Raven Update Server

RavenTechnicians

approve updates

Raven Update Services

• Subscription service - £600 per annum– Requires SUS server to be installed

• Raven Engineers approve updates after testing on a representative sample of platforms

• Local SUS server pulls only approved “Safe” updates from Raven Update Server

• Requires no local administration• “Hands Free” update of client PCs

Raven Backup Validation Service

• Is your Backup adequate?

• Backup is essential, and is YOUR responsibility

• Have your requirements changed since it was installed?

• Are you backing up everything you need?

• Could you recover in the event of a disaster?

Possible backup failings

• Tape drive needs cleaning

• Tape is unreadable on another unit

• Backup job has been interfered with

• Job may be on hold

• Critical files may be in use

• Requirements may have changed

• Nobody checking that job has run

Raven Backup Validation Service

• Subsidised fee of £500* for basic server, Raven Consultants will:– Examine your backup strategy– Document your backup procedure in a simple,

easy to follow guide– Take a sample tape away and confirm that it

contains everything you need– Perform a sample test restore to ensure that

data on tape is readable*Based on a single server running supported backup software and DAT or DLT tape unit

Prices for more complicated systems on request

Disaster Recovery Planning

• Business Continuity plan increasingly required by auditors

• Plan for swift return of IT services in the event of:– Burglary– Fire/Destruction– Critical Failure

Trial Recovery

• By arrangement, Raven Consultants can:– Perform a complete recovery of your system

to a similar hardware platform– Provide a report as to estimated time to get

operational– Advise on potential weaknesses and problem

areas– Advise on streamlining the recovery process– Document the recovery process in a step by

step guide

Conclusions

• Patch Management of servers and client PCs is essential– SUS can automate this, but requires an administrator– Raven Update Services fills the role of the

Administrator for customers without a substantial IT department

• Be confident in your Backups– Ensure you have adequate backups– Ensure you know how to recover from them if you

need to– Utilise Raven services to gain peace of mind

Any Questions?

David WallisSenior Systems Consultant

Raven Computers Ltddavidw@raven-computers.co.uk