PatchLink Update

Home \ Products \ PatchLink Update

Automated Collection, Delivery and Auditing of Security Patches

With major software vendors now reporting more than 8,000 vulnerabilities each year¹, eradicating all of the potential threats to your network is a daunting task. PatchLink Update delivers a cost-effective way to quickly, accurately and securely deliver and monitor software patches throughout your network.

PatchLink Update, ranked the #1 selling patch and vulnerability management solution² for 3 consecutive years, is trusted by customers worldwide to protect their heterogeneous networks. With its patented Digital Fingerprinting™ Technology, PatchLink Update enables you to:

  • Reduce corporate risk through the timely, proactive elimination of operating system and application vulnerabilities.
  • Decrease IT costs and improve productivity with a highly automated, subscription-based patch management solution.
  • Eliminate recurring risks through 'patch drift'
  • Demonstrate compliance with security policies and government regulations through continuous patch monitoring and comprehensive reporting.

1. Carnegie Mellon University's Computer Emergency Response Team (CERT) reported 8,064 published vulnerabilities between 1995 and 2006
2. Worldwide Security and Vulnerability Management Software 2007-2011 Forecast and Analysis. IDC

Future-Proof Your Investment

Information Technology is constantly changing. With advances in Service-Oriented Architectures, and virtualization, enterprise applications are certain to transform IT as we know it today, and the way these applications will be updated and remediated is certain to change as well. Lumension Security is committed to developing and modifying the PatchLink Update solution set to meet future needs in these new computing environments. Watch this space for further details.

Overview

PatchLink Update™ provides rapid, accurate and secure patch management, allowing you to proactively manage threats by automating the collection, analysis and delivery of patches throughout your enterprise. PatchLink Update significantly decreases the costs involved in securing your organization from worms, Trojans, viruses and other malicious threats.

Thorough, Agent-Based Vulnerability Assessments

Quickly and accurately compile a comprehensive, centralized view of all of the vulnerabilities on your network through intensive agent-based scans of each managed endpoint. PatchLink Update's patented Digital Fingerprinting™ technology provides a highly accurate process for patch and vulnerability assessment and monitoring - leaving no systems open to attack.


View all of the vulnerabilities on all managed devices

Intelligent, Secure Patch Deployments

Rapidly deploy patches developed and maintained in your enterprise based repository using PatchLink’s intelligent patch deployment wizard. With support for phased rollouts, rapid verification of patch installs, automatic e-mail alerts for failed deployments and other advanced capabilities designed to reduce administrative effort and limit end-user disruptions, deploying software patches has never been easier.

All remediation packages are available within a 1 day timeframe maximum. PatchLink Update leverages software vendor's original remediation package download location for an enhanced and fast package availibility.


Simple, guided patch deployment

Continuous Validation of Policy Compliance

PatchLink Update's patented Digital Fingerprinting™ Technology eliminates patch drift by ensuring that endpoints get patched and stay patched by creating a patch fingerprint profile that includes all software, hardware, drivers, and existing and missing patches for each machine. Each endpoint is then continually monitored. Administrators can also establish a mandatory baseline to automatically remediate endpoints that don't meet defined patch levels - a key aspect of regulatory compliance.


Minimum patch policies automatically propagated to all machines in a group

Comprehensive Reporting

Address operational, management and compliance reporting needs with a graphical “dash board” and over 20 standard reports that document vulnerabilities, patch deployments, patch status, trends, inventory and more – at individual machine or aggregated levels- to demonstrate progress toward internal and external audit and compliance requirements.


Highly customizable graphical reporting “dashboard”

How it works

Vulnerability Detection and Assessment: PatchLink Update proactively detects and assesses application, operating system and operational vulnerabilities on corporate endpoints.
Remediation Policies Defined: Enterprise-wide change management policies are established around the remediation of security and operational vulnerabilities.
Automated Patch Deployment and Remediation: Automated deployments are scheduled based upon patch criticalities and defined security policies, leveraging vendors’ own remediation download infrastructure.


Operating System Patches

  • PatchLink currently supports the following operating system patches. Platform support includes:
  • Update installers (no base installers)
  • For updates: patches, service packs, feature packs, cumulatives, and hot fixes
  • For editions: standards, enterprise, and deluxe
  • In all supported locales (listed below)
Operating System Version/Edition Architecture
Apple Mac OS X
  • 10.3 - 10.5
  • PowerPC
  • 10.4 - 10.5
  • x86
Hewlett Packard HP-UX
  • 11.00 - 11.23
  • PARISC
IBM AIX
  • 5.1 - 5.3
  • PowerPC
Microsoft Windows 98
  • 2nd Edition
  • x86
Microsoft Windows NT
  • 4.0 SP6a
  • x86
Microsoft Windows 2000
  • Professional SP4
  • Server SP4
  • Advanced Server SP4
  • x86
Microsoft Windows Server 2003
  • Web Edition
  • Standard Edition
  • Enterprise Edition
  • R2 Standard Edition
  • R2 Enterprise Edition
  • x86
  • x64
Microsoft Windows XP
  • Professional
  • x86
  • x64
Microsoft Windows Vista
  • Ultimate Edition
  • Enterprise Edition
  • Business Edition
  • x86
  • x64
Microsoft Windows Server 2008
  • Web Server Edition
  • Enterprise Edition
  • Standard Edition
  • Enterprise without Hyper-V Edition
  • Standard without Hyper-V Edition
  • HPC Server Edition
  • x86
  • x64
Novell SUSE Linux
  • 9 - 10
  • x86
  • x86_64
Red Hat Enterprise Linux
  • 3 - 4 (AS, ES, WS)
  • x86
Sun Solaris
  • 8 - 9
  • SPARC
  • 10
  • SPARC
  • x86
  • x64

* Fee based content from Red Hat can be imported using the PatchLink Content Update Tool.

Application Patches

  • PatchLink currently supports the following application patches. Application support includes:
  • Update installers (no base installers)
  • For updates: patches, service packs, cumulatives, and hot fixes
  • For editions: standard, enterprise, deluxe
  • On all supported platforms
  • In all supported locales (listed below)
Application Version Platforms
Adobe Acrobat Reader 5.1 - Current Windows
Mac OS X
Adobe Flash Player for Internet Explorer 6.0 - Current Windows
Adobe Flash Player for FireFox/Netscape 8.0 - Current Windows
Adobe Macromedia Plug-In (Internet Explorer, Firefox) 4.79 - Current Windows
Apple iLife 6.0 – Current Mac OS X
Apple iTunes 6.0 Mac OS X
Apple QuickTime 6 – Current Windows
Mac OS X
Apple Safari 1.3.1 Mac OS X
Citrix ICA Win32 Client 6.3 - Current Windows
Computer Associates eTrust Antivirus 6.0 - 7.1 Windows
Frisk Office Macro Current Windows
F-Secure Antivirus 5.x - current Windows
McAfee Virex 7.2 - Current Mac OS X
McAfee VirusScan Engine 4 - Current Windows
McAfee VirusScan Enterprise Engine 7.8 Windows
McAfee VirusScan DAT 4.x/6.x - Current Windows
McAfee VirusScan SuperDAT 4.x - Current Windows
Microsoft .NET Framework 1.0 SP2 – Current Windows
Microsoft ActiveSync 4.1 Windows
Microsoft Content Management Server 2001 Windows
Microsoft Data Access Components (MDAC) 2.5 – Current Windows
Microsoft DirectX 7 – Current Windows
Microsoft Exchange Server 5.5 – Current Windows
Microsoft Frontpage Server Extension (FPSE) 2002 - 2002 Windows
Microsoft Internet Explorer 5 – Current Windows
Microsoft Internet Security and Acceleration Server (ISA) 2000 Windows
Microsoft Jet 4 Windows
Microsoft Malicious Software Removal Tool Current Windows
Microsoft MSDE 2000 Windows
Microsoft MSN Messenger 5 – Current Windows
Microsoft MSN Messenger Exchange IM Client 4.6 - 4.7 Windows
Microsoft Internet Information Service (IIS) 4.0 - 6.0 Windows
Microsoft MSXML 1 – Current Windows
Microsoft Office
(Access, Excel, FrontPage, InfoPath, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word)		 2000 – Current Windows
Microsoft Office for Mac 2004 Mac OS X
Microsoft Outlook 2003 Junk E-mail Filter Current Windows
Microsoft Outlook 2007 Junk E-mail Filter Current Windows
Microsoft Outlook Express 5.5 SP2 – Current Windows
Microsoft SharePoint Service 2003 Windows
Microsoft SharePoint Team Services Office XP Windows
Microsoft SQL Server 7 – 2000 Windows
Microsoft Visual Studio .NET 2003 Windows
Microsoft Visual Studi 2005 Windows
Microsoft Windows Installer 2 – Current Windows
Microsoft Windows Mail Junk E-mail Filter Current Windows
Microsoft Windows Media Player 6.4 – Current Windows
Microsoft Windows Messenger 4.7 – Current Windows
Microsoft Windows Update Current Windows
Mozilla Firefox 1.0.4 – Current Windows
Mozilla Firefox for Mac 2.0 Mac OS X
Novell NetWare Windows Client 4.8 – Current Windows
Novell Server Support Pack 5.1 - 6.5 Novell
Novell ZENworks Client 3.3 – Current Windows
Lumension Security
(PatchLink Update, Enterprise Reporting, Developers Kit, Quarantine, Scanner Integration Module)		 All All
Real Networks RealPlayer for RedHat 8 – Current RedHat
Real Networks RealPlayer for Windows 8 – Current Windows
Sophos Antivirus Current Windows
Sun Java Runtime Engine 1.4 - Current Windows
Sun Java for Mac OS X 1.3 - Current Mac OS X
Symantec Antivirus Corporate Edition for 64 bits 10 - 10.2 Windows
Symantec Norton Antivirus Current Windows
Symantec Norton Antivirus 9.0.1 - Current Mac OS X
Trend Micro OfficeScan 5.58 - Current Windows
Trend Micro ServerProtect 5.56 - Current Windows
WinZip 9.0 - 9.0 SR-1 Windows

Available Legacy Patches

The PatchLink Repository also contains various legacy operating system and application patches that are no longer updated on an ongoing basis, but are still available. Patches are supported only through the versions listed below.

Operating System Patches

  • HP-UX 10.2 – 10.3
  • AIX 4.3 – 4.3.3
  • Windows 95
  • NetWare 4.11 – 6.1

Application Patches

  • Authentium Command Software
  • Frisk F-Prot Antivirus
  • Microsoft Content Management Server
  • Microsoft Front Page Server Extension
  • Microsoft Java VM
  • Microsoft Visual Studio
  • Microsoft Windows Messenger
  • Oracle Database
  • Sendmail.org Sendmail
  • Snort.org Snort IDS
  • Sophos Antivirus
  • WinZip

Supported Locales

PatchLink supports patches in the following locales for all operating system and application patches listed above.

  • Chinese (simplified)
  • Chinese (traditional)
  • Dutch (Netherlands)
  • English (United States)
  • Finnish (Finland)
  • French (France)
  • German (Germany)
  • Italian (Italy)
  • Japanese (Japan)
  • Korean (Korea)
  • Portuguese (Brazil)
  • Spanish (Spain)
  • Swedish (Sweden)

Features & Benefits

  • Support for Security and All Other Patches - Support of security and Operating Systems patches (including Windows, Mac, Unix, Linux, Novell) as well as business software and hardware patches.
  • Innovative Open Architecture - providing through the use of open standards a greater support for additional vendors leveraging their own technology to deliver remediation binaries to PatchLink Update and allow deployment in less than a day for any remediation package.
  • Agent-Based Architecture - Protects laptop and mobile devices that are often disconnected from the network and reduces network bandwidth usage
  • Directory Services Integration - Dynamic creation of groups based on existing Microsoft Active Directory environments, with cascading inheritance for agent policy, mandatory baseline and user permissions
  • Inventory Management - Identifies and reports all software, hardware and services inventory and supports software distribution
  • Automated Agent Distribution - Agent Management Center utility automates the deployment of the patching agent to unmanaged computers, ensuring maximum coverage and protection
  • Automatic Notifications - Automatically alerts administrators when a patch is removed or dropped due to restoring a backup or installing a new application
  • Comprehensive Patch Pre-Testing - Lumension Secuirity's extensive testing against standard computer images reduces the amount of development and testing required prior to patch deployment
  • Flexible Application Reporting - Audits and reports on the status of the organization's security
  • Flexible Scanning and Deployments - Allows the Administrator to control the scanning and patch distribution schedule to minimize business disruptions
  • Fully Internet-Base - Communications based upon standard protocols (TCP-IP/ HTTP & HTTPS)
  • Flexible Group Management - Creates custom computer groups to increase deployment accuracy and IT efficiency
  • Hierarchical "Nested" Grouping - Allows the Administrator to represent multiple layers of geographical structure within PatchLink Update
  • Highly Scalable - Ensures complete coverage for the largest worldwide networks with high-availability topologies and PatchLink Distribution Point architecture
  • Custom Graphical "Dash Board" - Enables creation of a custom dash board of the information most critical to the success of your organization's patch management process from a list of 8 key indicators
  • Multi-Patch Deployments - Delivers multiple patches to multiple computers in one distribution to increase IT productivity
  • Multi-Platform Support - Enables security of all operating systems in heterogeneous networks, including Windows, UNIX, Linux, Apple, and Novell
  • Patch Fingerprint Accuracy - Ensures the highest level of accuracy in the detection of security vulnerabilities
  • Policy-Based Administration - Ensures that all systems meet a mandatory baseline policy - a key aspect of regulatory compliance
  • Role-Based Administration - Enables System Administrator to delegate activities to improve productivity while maintaining security
  • Subscription Service - Provides constant vulnerability/patch availability notification and secure downloads for selected, pre-tested and pre-packaged patches from a dedicated PatchLink host and ensures no unauthorized packages enter your network

Requirements

Agent Coverage - Supported Client Operating Systems


Operating System Version/Edition Architecture
Apple Mac OS X
  • 10.3 - 10.5
  • PowerPC
  • 10.4 - 10.5
  • x86
Hewlett Packard HP-UX
  • 11.00 - 11.23
  • PARISC
IBM AIX
  • 5.1 - 5.3
  • PowerPC
Microsoft Windows 98
  • 2nd Edition
  • x86
Microsoft Windows NT
  • 4.0 SP6a
  • x86
Microsoft Windows 2000
  • Professional SP4
  • Server SP4
  • Advanced Server SP4
  • x86
Microsoft Windows Server 2003
  • Web Edition
  • Standard Edition
  • Enterprise Edition
  • R2 Standard Edition
  • R2 Enterprise Edition
  • x86
  • x64
Microsoft Windows XP
  • Professional
  • x86
  • x64
Microsoft Windows Vista
  • Ultimate Edition
  • Enterprise Edition
  • Business Edition
  • x86
  • x64
Microsoft Windows Server 2008
  • Web Server Edition
  • Enterprise Edition
  • Standard Edition
  • Enterprise without Hyper-V Edition
  • Standard without Hyper-V Edition
  • HPC Server Edition
  • x86
  • x64
Novell SUSE Linux
  • 9 - 10
  • x86
  • x86_64
Red Hat Enterprise Linux
  • 3 - 4 (AS, ES, WS)
  • x86
Sun Solaris
  • 8 - 9
  • SPARC
  • 10
  • SPARC
  • x86
  • x64

Minimum Requirements – PatchLink Update Server

Requirements Version
Hardware
  • A single 1.4 GHz Pentium or equivalent processor
  • 512 MB RAM
  • 36 GB of available disk space
  • A single 100 Mbps network connection (with access to the Internet)
Operating System
  • Microsoft Windows Server 2003, Web Edition with SP1 or later
  • Microsoft Windows Server 2003, Standard Edition with SP1 or later
  • Microsoft Windows Server 2003, Enterprise Edition with SP1 or later
  • Microsoft Windows Server 2003 R2, Standard Edition (SP2 optional but recommended)
  • Microsoft Windows Server 2003 R2, Enterprise Edition (SP2 optional but recommended)

Note: PatchLink Update must be installed on an Operating System that is not a domain controller and uses any locality variation of English.

SQL Server
  • Microsoft SQL Server 2005 Express Edition with SP2
  • Microsoft SQL Server 2005 Standard Edition with SP2
  • Microsoft SQL Server 2005 Enterprise Edition with SP2

Note: PatchLink Update Server installs SQL Server 2005 Express Edition RTM during installation. Therefore, you must not have any database server installed prior to the installation of PatchLink Update.

Internet Server Microsoft® Internet Information Services (IIS) 6.0
.NET Framework
  • Microsoft .NET Framework version 1.1 with SP1
  • Microsoft .NET Framework version 2.0
Internet Browser Microsoft Internet Explorer 6.x or higher