ProLiant Essentials Vulnerability and Patch Management Pack Planning Guide

Product overview

Malicious software security threats are becoming more frequent, more sophisticated, and more costly

to businesses, draining billions of dollars in productivity, revenue, and corporate credibility each

year. The vast majority of attacks, including automated worms, are performed against known

vulnerabilities for which a patch or fix is widely known.

Gain the upper hand in the war against hackers, worms, and trojan software that exploit software

security vulnerabilities, using the HP ProLiant Essentials Vulnerability and Patch Management Pack, the

all-in-one vulnerability assessment and patch management tool. The Vulnerability and Patch

Management Pack enables you to:

• Enhance system lifecycle management by incorporating vulnerability assessment and patching as

an integral part of the system management process

• Accelerate resolution of vulnerabilities by reducing the research time to understand the criticality of

the vulnerability and the expected behavior for patches and fixes

• Reduce the risk of security threats by automating the acquisition, scheduling the deployment, and

continuously enforcing the persistence (desired state) of patches

As a key component of the Adaptive Infrastructure, HP developed the Vulnerability and Patch

Management Pack to automate and simplify the scanning and patching of security updates over your

network. The implementation of the Vulnerability and Patch Management Pack significantly reduces IT

security concerns and costs associated with managing security in your environment. Use the

information in this document to simplify the process when integrating these tools into a current IT

infrastructure.

To quickly get started scanning and patching, it is important to:

• Comprehend the technology required for the Vulnerability and Patch Management Pack

• Understand how the technology impacts the existing infrastructure

• Visualize examples of the technology at work

Vulnerability scanning components

The Vulnerability and Patch Management Pack utilizes Harris STAT® Scanner, the only Common

Criteria Certified scanner. STAT Scanner identifies and provides advice to resolve reported

vulnerabilities.

Vulnerability fix and patch components

Vulnerability fix component

The Vulnerability and Patch Management Pack utilizes HP OpenView patch management using Radia

technology to deploy patches and configuration fixes.

Patch repository

The Vulnerability and Patch Management Pack repository contains all of the patches that have

downloaded.

Patch acquisition

The Vulnerability and Patch Management Pack provides an acquisition utility that connects to the

selected vendor website, downloads patch information and patch files, and places this information in

the Vulnerability and Patch Management Pack database.

Patch agent

The VPM Patch Agent is automatically deployed when target systems are licensed to allow patches to

be applied to the systems.