www.lumension.com © copyright 2008 - lumension security lumension security patchlink enterprise...
Post on 19-Dec-2015
221 Views
Preview:
TRANSCRIPT
www.lumension.com
© Copyright 2008 - Lumension Security
Lumension Security
PatchLink Enterprise Reporting™ 6.4Overview and What’s New
2
© Copyright 2008 - Lumension Security
www.lumension.com
Agenda
Market Trends
Overview
Key Features
Sample Reports
Report Library
How It Works
Professional Services
PatchLink Enterprise Reporting Advantage
3
© Copyright 2008 - Lumension Security
www.lumension.com
Market Trends in IT Reporting
Increased focus on corporate governance
Greater IT and Regulatory Compliance Requirements
Enterprises need analytics to better understand and control the effectiveness of their vulnerability management processes to: Assess business and security risk with
accurate analysis and reporting Measure an organization’s level of
compliance Provide visibility to management for risk
management and security posture
Two-thirds (66%) of enterprises are subject to regulations such
as Sarbanes-Oxley, FISMA, HIPAA, and the European
Privacy Directive.
According to a recent Forrester report titled “The Myths of
Information Security Reporting”, senior managers today must not only manage and measure the
information security program but they must also translate those
measurements into meaningful reports for senior executives.
4
© Copyright 2008 - Lumension Security
www.lumension.com
PatchLink Enterprise Reporting 6.4 - Overview
Measure and Ensure Network Security
Demonstrate Compliance to Security Policies and Regulations
Use or Extend Over Two-Dozen Sample Reports
Easily Create and Share Custom Reports
Open Reporting Schema Works With Existing Reporting Tools
Consolidated Analysis and Reporting of all Enterprise Vulnerability Management Information
5
© Copyright 2008 - Lumension Security
www.lumension.com
Enterprise Reporting 6.4 – Differentiators
Open Reporting Schema: Data views make it easier to find reporting data; underlying queries are exposed to easily create custom reports; works seamlessly with third party reporting tools including SQL Reporting Services, Business Objects, Crystal Reports, and more.
Centralized Reporting: View consolidated data from multiple PatchLink Update Servers, automatically transferred to a secure central repository, via RSA encryption.
Comprehensive Report Library: Over two-dozen standard reports for vulnerabilities, patch deployment, inventory, compliance, and more are included or create custom reports for your unique security needs.
Custom Policy-Based Reporting: Flexible network security reporting based on custom policies to ensure organizations are compliant with SARBOX, HIPPA, FISMA, and others.
Automated Report Generation and Distribution: Schedule automated report generation and email distribution of reports to management to reduce the impact on network resources.
6
© Copyright 2008 - Lumension Security
www.lumension.com
Enterprise Reporting 6.4 - Open Schema
User Views make it faster and easier to identify critical data to build reports
Underlying queries are exposed to easily create custom reports
Works seamlessly with third party reporting platforms including MS SQL Server 2005, Business Objects, Crystal Reports, Microsoft Access and Excel as well as any ODBC/OLEDB compliant reporting tool
PatchLink Enterprise Reporting Server – User Views
7
© Copyright 2008 - Lumension Security
www.lumension.com
Enterprise Reporting 6.4 – Centralized Reporting
Multiple or single PatchLink Update environments
Centralized reporting on all data collected through the patch and vulnerability lifecycle
8
© Copyright 2008 - Lumension Security
www.lumension.com
Enterprise Reporting 6.4 - Comprehensive Library
Asset ManagementHardware Assets by Update ServerHardware Assets Metrics Hardware Assets by ClassSoftware Assets by ClassSoftware Assets by Device
Vulnerability ManagementPatch AssessmentPatch Tuesday AssessmentVulnerability Release by VendorVulnerability Trending Critical Patch StatusVulnerability Status by DayVulnerability Status Drill
ComplianceCustom Compliance by DayCustom Compliance DailyCustom Compliance WeeklyMandatory Baseline Compliance Summary Mandatory Baseline Compliance Detail
Change ManagementAgent StatusPlatform Change Service Change Software ChangeDeployment Status DrillHardware ChangeHardware Change by Agent
9
© Copyright 2008 - Lumension Security
www.lumension.com
Enterprise Reporting 6.4 - Custom Reporting
Advanced reporting capabilities
Based on your organizations custom policies
Ensure you are compliant with SARBOX, HIPPA, FISMA, and others.
Enterprise Reporting Server – Sample Custom Report
10
© Copyright 2008 - Lumension Security
www.lumension.com
Enterprise Reporting 6.4 - Automated Generation
Scheduled data transfer
Scheduled report generation
Role-based data and report access
Automated email distribution of reports
PatchLink Enterprise Reporting Server – Add Users by Role
11
© Copyright 2008 - Lumension Security
www.lumension.com
Enterprise Reporting – Key Features
Auto Report Generation & Distribution - Schedule automated report generation and immediate email distribution of reports to authorized users Comprehensive Report Library - Over 30 standard reports for vulnerabilities, patch deployment, inventory, compliance, and more are included Data Mining - Interactive reports allow you to “drill down” into report data, drilling from a global view of all users down to individual groups and entire Update servers down to individual devices. Efficient Data Consolidation - Installs on a separate server to minimize disruptions to PatchLink Update, enabling you to run reports without interrupting key patch and vulnerability tasks Enterprise Dashboard - Global view of vulnerability status for all enterprise assets provides a unified look at the health of your enterprise. Extensible to 3rd Party Reporting Tools - Works seamlessly with third party reporting tools including SQL Reporting Services, Business Objects, Crystal Reports, and more Group Hierarchy Reporting Structure - Ability to report on custom nested groups created within PatchLink Update and directory service groups designated in your Microsoft Active Directory Services structure Instantaneous Results - View current status of vulnerability management efforts with up-to-minute reports Open Reporting Schema - Data views make it easier to find reporting data; underlying queries are exposed to easily create custom reports Policy-Based Reporting - Flexible policy-based reporting enables you to substantiate compliance with security aspects of government regulations such as Sarbanes-Oxley, HIPPA, FISMA and others Secure, Automated Data Transfer - Data from multiple PatchLink Update Servers is automatically transferred to a secure central repository using RSA encryption
12
© Copyright 2008 - Lumension Security
www.lumension.com
Enterprise Reporting 6.4 – New Features
Compatible with PatchLink Update 6.4
Support for Update 6.4 Group Hierarchy Reporting Structure Nested Groups
Directory Service Groups
Backwards compatibility with Update 6.2 and 6.3
13
© Copyright 2008 - Lumension Security
www.lumension.com
Pricing and Licensing Models
Licensing Server Software – Perpetual w/ Annual Maintenance Managed Devices (Agents) – Annual Subscription
Pricing Server Software
$1,995 per Update Server
Managed Devices (Agents) $3 per node (1 year subscription)
» Minimum 10 Nodes Required» Quantity breaks at 250, 500, 1,000, and 2,000 nodes» Multi-Year Discounts for 2 and 3 year deals
14
© Copyright 2008 - Lumension Security
www.lumension.com
Professional Services Offerings
Implementation Services Conduct a needs assessment
and design a solution Execute and automate your
reporting requirements
Custom Reports Create security, policy, or asset
management reports unique to your organization
Advanced Custom Reports Design Executive Dashboards
and Scorecards
top related