Scriptme.net fresh news

Dave Bailey, IT Week, Wednesday 27 February 2008 at 00:00:00

Shavlik's latest patching and anti-spyware suite keeps desktops and servers clean

Launched this month, version 6 of Shavlik's NetChk Protect security suite aims to keep Windows desktop systems and servers clear of malware. The updated package features a new patching system called Any Patch Anywhere and an enhanced management console. Any Patch Anywhere uses a wizard-driven custom patch editor and Shavlik's Dynamic Product Detection scan engine technology, allowing users to create and maintain custom patches. The new network-based console is designed to make it easy for administrators to check security status, manage system policies and schedule reboots so as to minimise disruption to users. Extended support Shavlik has also extended the range of systems that the suite can protect to include BlackBerry Server, Microsoft Exchange 2007 SP1, Microsoft ISA 2004 Enterprise Edition, Skype, Sun Java applications and VMware. We tested NetChk Protect 6 using a standard Intel system with two 3.2GHz Intel Xeon dual-core processors and 2GB of system memory, running Windows Server 2003 R2. For storing patch data, spyware signatures and scan data, we installed SQL Server 2005 Enterprise Edition. Although easy to install, the system takes time to set up. This is because the process requires users to make several key decisions about patch and spyware remediation and when to reboot systems. After the patch updates were fed into the database and the signature files for the spyware scan downloaded, we could define which systems to check for patching, and which for spyware. Protect 6 can run three types of built-in scans: a security patch scan, a scan for picking up security and non-security patches, and a spyware scan. Users can also define their own custom scans by using the Agent Policy Manager to check the status of specific applications that they have rolled out to their desktop systems, for example. We patched the server on which NetChk was running with Windows Update, but left all the other applications that were installed and running unpatched. A security-only scan picked up all 23 of the security updates and also correctly found our SQL Server database was missing service pack 1. It also informed us of four missing patches that should be installed to secure the system. The graphical user interface does a good job of clearly relaying a wide range of information. Protect 6 also enables users to uninstall problem patches and roll back spyware signatures. Admins can define the scope of a scan using "system collections" that come under a range of headings, such as My Domain or My...

> Read the full article