System Compliance on a Budget

Transcript

1. None

2. the question: what is the security posture of our devices?

3. what we used to try and get the answer: McAfee

   ePO Nessus Build something

4. our Experience

5. McAfee ePO

6. problems with McAfee ePO complex inaccuracies cumbersome reports blackbox (customizations,

   waiting)

7. Nessus

8. problems with Nessus tedious overkill inconsistent results hosts accounted for:

   76%

9. our problems in general timing transient devices deepfreeze

10. our kick at the can

11. None

12. what we collect (currently) antivirus windows updates asset info

13. None
14. None
15. None
16. None
17. None

18. the backend host host antivirus antivirus windows updates windows updates

    asset info asset info active directory active directory …? …? …? …? other.. other..

19. the backend host host antivirus antivirus windows updates windows updates

    asset info asset info active directory active directory compliance history compliance history problem frequency problem frequency other.. other.. SHAZAM! SHAZAM!

20. the script (patch_status.vbs) what it does how it evolved where

    it’s headed

21. what it does deployment scheduled task information gathering transport

22. how it evolved primarily driven by trial and error a

    lot of: “wouldn’t this be neat” what works? what doesn’t? dealing with problems

23. what it has changed Managed AV Microsoft update Maintenance window

24. where it’s headed deployment strategy refne/improve installer target other OS’s

25. where it’s headed additional metrics ids alert data device usage

    java version flash version

26. where it’s headed helpdesk integration automated ticket generation

27. thoughts?