ADM 308 Patch Management – Targeting Virtual Server, Unmanaged Systems, and Microsoft Office Components
Paul Butterworth, Management Technology Architect

Agenda
  • Solution Accelerator Overview
  • Assessing Microsoft® Virtual Server installations and scanning the unmanaged space
  • Using Microsoft Systems Management Server (SMS) 2003 for gathering Microsoft Office component details

What’s a Solution Accelerator?
  • Integrated people, process, and technology
  • Industry, partner, customer, and Microsoft best practices
  • Includes project and operational guidance—based on Microsoft Solutions Framework (MSF) and Microsoft Operations Framework (MOF)
  • Microsoft training and services
  • Microsoft and partner products/technologies
  • Targeted at defined customer scenarios
      • Also known as pain points
  • Covers the entire life cycle
      • Evaluating, planning, building, deploying, and operating
  • Built with customers, partners, and Microsoft
  • Engineered, tested, and validated
  • Supported

Components of the Patch Management Solution Accelerator Using SMS 2003
  • Patch Management Process based on industry best practices (MOF/ITIL): 1. Assess, 2. Identify, 3. Evaluate & Plan, 4. Deploy
  • Microsoft technology for assessing and deploying patches
      • Microsoft Systems Management Server 2003
      • Microsoft Baseline Security Analyzer (MBSA)
      • Microsoft WMI Custom Scripting Solutions
  • Best-practice technical guidance for patching specific Microsoft technologies
      • Microsoft SQL Server™ 2000
      • Microsoft Virtual Server / Microsoft Virtual PC
      • Microsoft Office 2000 / Office XP / Office 2003
Released Oct. 27, 2004

Patch Management Process
1. Assess
  • Inventory/Discover Existing Assets
  • Assess Security Threats/Vulnerabilities
  • Determine the Best Source of Information
  • Assess Software Distribution Infrastructure
  • Assess Operational Effectiveness
2. Identify
  • Discover a New Software Update
  • Determine Relevance
  • Obtain and Verify Source Files
  • Submit request for change (RFC)
3. Evaluate & Plan
  • Determine Appropriate Response
  • Plan the Release
  • Build the Release
  • Perform Acceptance Testing
4. Deploy
  • Prepare for Deployment
  • Deploy to Targeted Computers
  • Conduct Post-Implementation Review

Solution Accelerator Scenarios and Highlights
  • Automation scripts to assist with ASSESS and DEPLOY
  • Assess managed and unmanaged installations
      • Virtual Server, Virtual PC, SQL Server 2000
  • Assess Office installations
      • Extending SMS HINV to capture additional information about Office installations
  • Deploy to Office installations
      • Provide increased targeting for Office applications
      • Provide custom Office collections and reports for Office 2000, Office XP, and Office 2003
  • Detailed guidance for patching specific Microsoft technologies:
      • Office 2000, Office XP, and Office 2003
      • SQL Server 2000
      • Virtual Server and Virtual PC

Do you want to see how this solution can help your company?

Solution Example: Assessing Virtual Server and Virtual PC Installations
Problem: Assessing and enumerating Virtual Server and Virtual PC guest installations on managed and unmanaged systems
Solution Deliverables:
  • Sample scripts to identify managed and unmanaged hosts
  • Sample Windows® Management Instrumentation (WMI) scripts to assess Virtual Server/Virtual PC guest installations
  • Sample XML-based report to expand data captured via SMS 2003 SP 1

Assessing Virtual Server Host and Guest Installations
How It Works
  1. Script (WMI) queries Microsoft Active Directory, reads a user-defined subnet file or a user-defined IP file to determine what to scan
  2. Script does subnet scan to ID hosts that are accessible
  3. Script queries Virtual Server host using VirtualServer.Application API to identify virtual hosts and guests and their current state
  4. Virtual Server/Virtual PC Assessment report (XML-based report) identifies managed, unreachable, and no-administrator-access installations
  5. MBSA scan is run and a report is generated for all unmanaged machines
Diagram labels:
  • SMS-Managed Subnets: Inventoried via SMS Software Inventory
  • Subnet excluded from SMS, or a test lab or subnet inaccessible by SMS
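
The reconciliation behind steps 1 to 5 above, as an added example that is not part of the original presentation or of the Solution Accelerator's scripts: it expands the subnet list, compares each address with the SMS inventory, and sorts it into the report's categories. The element names, probe-outcome labels and sample addresses are assumptions constructed for illustration, and the probe outcomes are supplied as data rather than gathered by scanning.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample inputs (documentation addresses, not from the slides).
SUBNETS = ["192.0.2.0/29", "192.0.2.0/30"]    # user-defined subnet file; overlap on purpose
SMS_INVENTORY = {"192.0.2.1", "192.0.2.2"}    # addresses SMS already inventories
PROBES = {                                    # outcome a scan step would have recorded
    "192.0.2.1": "ok",
    "192.0.2.2": "no_response",
    "192.0.2.3": "ok",
    "192.0.2.4": "access_denied",
}

def expand_targets(subnets):
    """Expand CIDR blocks into host addresses, dropping duplicates, keeping order."""
    seen = {}
    for cidr in subnets:
        for host in ipaddress.ip_network(cidr, strict=False).hosts():
            seen.setdefault(str(host), None)
    return list(seen)

def classify(addr, inventory, probes):
    """Map one address to a report category; a missing probe counts as unreachable."""
    outcome = probes.get(addr, "no_response")
    if outcome == "no_response":
        return "unreachable"
    if outcome == "access_denied":
        return "no-administrator-access"
    return "managed" if addr in inventory else "unmanaged"

def build_report(subnets, inventory, probes):
    """Return (XML root, addresses to hand to the MBSA scan)."""
    root = ET.Element("AssessmentReport")     # hypothetical element names
    mbsa_queue = []
    for addr in expand_targets(subnets):
        state = classify(addr, inventory, probes)
        ET.SubElement(root, "Host", address=addr, state=state,
                      inSmsInventory=str(addr in inventory).lower())
        if state == "unmanaged":
            mbsa_queue.append(addr)
    return root, mbsa_queue

if __name__ == "__main__":
    report, queue = build_report(SUBNETS, SMS_INVENTORY, PROBES)
    print(ET.tostring(report, encoding="unicode"))
    print("MBSA scan queue:", queue)
```

In the sample data, 192.0.2.2 is reported as unreachable although SMS inventories it, which is the kind of gap the assessment report is meant to surface.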

Script Options

Editing the Input File …

Script in Progress...

Sample Virtual Server ASSESS Report

Sample Virtual Server MBSA Report

Applying the Data Gathered…

Solution Example: Extending SMS HINV to capture details about Microsoft Office components
Problem: Customers require more granular detail about the components of each Microsoft Office suite.
Solution Deliverables:
  • Update SMS HINV to provide component-level details.
  • Collect information from the client to include language version, application and suite version, and native installation path.
  • Provide 48 custom .mof files for creating custom collections to improve targeting.
  • Provide 48 custom .mof files for custom reporting.

Extending SMS 2003 SP 1 Inventory to Capture Details about Office Installations
How It Works
  1. Administrator updates SMS_Def.Mof on site servers to enable capture of Office component levels in the SMS database.
  2. Administrator distributes a package to extend CIMv2 on clients via Client.Mof – this enables the client to report additional info on Office via HINV.
  3. Client runs HINV at scheduled interval.
  4. Clients report additional Office component-level information via HINV, including installation source location.
  5. Administrator uses sample queries to create query-based collections and reports, and deploys to these target collections using SMS.
Diagram labels: SMS Site Server; SMS Clients

Importing a Custom .mof File

Sample Office Consolidation Report

Solution Recap
  • Provides automation to assist with the ASSESS phase of patch management
  • Targets risk reduction by preventing an attack because “I didn’t know we had that installed on our network”
  • Provides a mechanism for IT administrators, management, and security to build plans for getting all machines “managed”
  • Provides best-practice guidance for patch management using SMS 2003
  • Provides in-depth details for patching specific Microsoft technologies

Community Resources
  • Community Resources: http://www.microsoft.com/communities/default.mspx
  • Most Valuable Professional (MVP): http://www.microsoft.com/communities/mvp
  • Newsgroups - Converse online with Microsoft Newsgroups, including Worldwide: http://communities2.microsoft.com/communities/newsgroups/en-us/default.aspx
  • User Groups - Meet and learn with your peers: http://www.microsoft.com/communities/usergroups/default.mspx

Knowledge Needed. Knowledge Applied.
Microsoft Products and Services for Lifelong Learning
  • Assess your skills
  • Take an eLearning course
  • Subscribe to Microsoft TechNet
  • Get the latest information on IT Pro and Developer Books to purchase online or at your local bookstore
  • Find the course right for you and a Microsoft Certified Partner for Learning Solutions in your area
  • Learn about the Microsoft certifications that can enable and advance your career
www.microsoft.com/learning - Learn more. Go Further

© 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.