Castleforce IT Security Team

Patch Management

GCSX No 14.1 Patch Management

A patch management policy MUST be in place and documented for all software (including firmware) used on the network

GCSX No 14.2 Patch Management

Patches MUST be applied in a timely fashion and audited to ensure compliance. Please state your Organisation's patch delay time (e.g. from a patch being issued, identified as critical/ patch requires to be applied, tested, installed, verified etc) when applying usability, fault and security patches.

Patch Monitoring

Assuria Auditor measures, manages and enforces security policies and Log Manager is designed to meet the requirements of enterprise wide management of audit logs generated by systems, devices and applications Assuria Auditor measures, manages, and enforces security policies across a wide range of operating systems using a host-to-network view of critical systems and servers. Assuria Auditor's methodology simplifies the creation of system security baselines for users, groups, shares, services, and critical system files, and easily fits in with existing business processes.

Network Access Control Partners

NAC and IPS by ForeScout Technologies CounterACT limits non-compliant device access to specified resources, thus enabling users to remain productive while their device-compliance violations are addressed. For example, if a user device is found to have an out-of-date anti-virus (AV) definition file, it can be moved to a VLAN, allowing the user to access email and Internet while blocking the device from other critical resources. CounterACT can then work with existing services to provide guided remediation and/or cue the AV server to auto-update a specific device. Once remediation is complete and the device is found to be in compliance, complete access to the production network may be granted or restored.

CounterACT integrates with a number of remediation services, including patch management, anti-virus, anti-spyware, vulnerability management, and more. These third-party integrations allow CounterACT to orchestrate and automate the process of correcting policy violations. For example, if a device misses a critical patch, CounterACT detects the policy violation and automatically cues the patching engine (Microsoft WSUS or SMS) to update the specific system. Often this can be done without the user’s involvement, retaining update report information for future security audits.

Contact-Castleforce-for-help-with-Compliance
Trend Micro Websense integrated Web, data and email security The Mycroft Gateway solution provides DSAS accredited hosting environments for UK Restricted data Safend Secure your Endpoints Stonesoft produce high availability multi link ISP firewalls to help reduce single point of failure AwareGO IT Security Awareness Training LogLogic open log management and database activity monitoring Aruba Networks securing the wireless LAN SureCloud automates the vulnerability management life-cycle nuBridges Application and Database Encryption with encryption, tokenization and key management Network Access Control and IPS by ForeScout C2C Email archiving, file archiving email management software Bit9 Application Whitelisting Titus-labs classify your data

© Copyright Castleforce 2007-2010. Web design by Theme Group