Protect Your Network
Understanding Unmanaged Systems
The term unmanaged systems refers to
computers that either do not have an automatic update agent, or those that
have been excluded from an organization’s software management system.
Examples of automatic update agents can include:
* Systems Management Server (SMS) agents
* Automatic Updates client, which is used
by Windows Update or Software Update Services (SUS)
Examples of computers that have been
excluded from an organization’s software management system can include:
* Systems or Virtual PCs intentionally
kept outside the managed environment to meet specific needs such as
training, testing or development. These systems can be either stand-alone
machines or those in labs.
* Systems or Virtual PCs unintentionally
kept outside the managed environment. Typically, these are stand-alone
computers plugged directly into the network, sometimes without the
knowledge or authorization of the IT group.
Computers that have been excluded from an
organization’s software management system are not included in the central
management of the network. Because of this, they may lack the security
updates that are applied on a regular basis to those computers that are
managed as part of the central enforcement of security policy. These
unmanaged systems are typically maintained by their own administrators,
who may not apply updates on a regular basis.
It is important that unmanaged
systems, including Virtual PCs, be kept up to date with the same level of
rigor as managed systems, because unmanaged systems that lack current
security updates can pose a threat to your network. So, to completely
maintain the security of your network, you need to ensure that the latest
software security updates are installed on unmanaged systems as well as
managed systems. You can ensure that unmanaged systems, including Virtual
PCs, have the latest software security updates by using Microsoft Windows
Update or through manual checks of these unmanaged systems. For additional
guidance on securing unmanaged systems, please see the following Web page:
http://www.microsoft.com/technet/security/topics/patchmanagement/secmod194.mspx
Virtual PCs as Unmanaged Systems
You need to be aware of systems that run
Virtual PCs, as these virtual machines can also be a type of unmanaged
system on your network. Because the operating systems and applications
contained within Virtual PCs are often outside an organization’s software
management system, they represent a special category of unmanaged systems
that your strategies should account for.
Systems that run Virtual PCs have multiple
copies of operating systems and applications that run inside of special
software on a single PC. These multiple operating systems and applications
can each be a different version and may have different security updates
applied (or none at all).
From the standpoint of network security,
each instance of a Virtual PC that does not have the latest security
updates represents a possible threat to the network. Thus, from the
standpoint of managing security updates, each instance of a Virtual PC
represents a separate system that must be updated and maintained. The
security update strategies available for Virtual PCs are the same as those
for other unmanaged systems. Depending on how the Virtual PC is configured
to connect to the network, you can use Microsoft Windows Update or manual
checks to ensure that these unmanaged systems have the latest security
updates.
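
One way to find the systems that need those manual checks is to compare the hosts seen on the network with the hosts that report to the software management system. The following is an added example, not part of the original guidance: the host names, MAC addresses, dates and the 30-day threshold are constructed, and it assumes that Virtual PC guests use the 00:03:FF MAC prefix.

```python
from datetime import date

# Assumption: 00:03:FF is the MAC prefix Virtual PC gives guest network adapters.
VIRTUAL_PC_OUI = "00:03:ff"

def normalize_mac(mac):
    """Return a MAC as lower-case, colon-separated hex so sources compare equal."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def classify_hosts(observed, managed, today, max_age_days=30):
    """Label every host seen on the network as managed, stale or unmanaged.

    observed: (mac, hostname) pairs, e.g. from DHCP leases or switch tables
    managed:  {mac: date the update agent last reported} from the inventory
    """
    managed = {normalize_mac(m): d for m, d in managed.items()}
    report = {}
    for mac, hostname in observed:
        mac = normalize_mac(mac)
        last_report = managed.get(mac)
        if last_report is None:
            # No agent record: outside the software management system.
            kind = "virtual-pc" if mac.startswith(VIRTUAL_PC_OUI) else "host"
            report[mac] = f"UNMANAGED {kind}: {hostname}"
        elif (today - last_report).days > max_age_days:
            # Agent exists but has gone quiet; treat as needing a manual check.
            report[mac] = f"STALE agent: {hostname}"
        else:
            report[mac] = f"managed: {hostname}"
    return report

# Constructed sample data (not from the original page).
OBSERVED = [
    ("00-0D-56-AA-10-01", "FIN-WS-01"),
    ("00-0D-56-AA-10-02", "LAB-TEST-07"),
    ("00-03-FF-12-34-56", "DEV-VPC-XP"),
    ("00-0D-56-AA-10-03", "HR-WS-04"),
]
MANAGED = {
    "00:0d:56:aa:10:01": date(2005, 2, 20),
    "00:0D:56:AA:10:03": date(2004, 11, 2),
}

if __name__ == "__main__":
    for mac, status in sorted(classify_hosts(OBSERVED, MANAGED, date(2005, 3, 1)).items()):
        print(mac, status)
```

Each Virtual PC guest appears as its own entry because it has its own network adapter, which matches the point above that every instance is a separate system to update.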