Re: System Quarantining

From: Karl Levinson, mvp (levinson_k_at_despammed.com)
Date: 09/14/05


Date: Tue, 13 Sep 2005 23:05:59 -0400


"p" <pafoti@gmail.com> wrote in message
news:1126629511.844362.313220@f14g2000cwb.googlegroups.com...
> Does anyone know of any products that will quarantine systems that do
> not have the most updated MS Critical Patches? We have LANDesk and
> looking into that. I know Cisco has MARS and another security package.
> Basically, we have workstations we deploy patches to that we control.
> However, we have many laptops that we do not control, but want to
> ensure they have updated patches.

There are a number of products that do that. Besides the products you
mentioned, Microsoft has Windows 2003 which comes with Quarantine Server at
no extra cost, and I believe Sygate has a similar product.

You may not need a quarantine product necessarily. There are products like
Microsoft WSUS [also free] and McAfee ePolicy Orchestrator that will detect
new unmanaged computers on the network, detect whether patches are
installed, and push the needed patches or take other actions necessary.
Infected systems will be on the network, but not for long, and the cost and
administrative overhead may be less.



Relevant Pages

  • Fw: [Re: Rather large MSIE-hole] another variant
    ... Virus name: XMLid.Exploit ... Action taken: Clean failed: Quarantine succeeded: Access denied ... > and the http://www.liquidwd.freeserve.co.uk/ link stops bringing up a DOS ... > with all patches, IE6 with all patches. ...
    (Vuln-Dev)
  • RE: RPC Scan Issues
    ... Worked for me as I pushed out patches via a login script. ... machine that had installed the patch, ... Download ClearSight Networks Analyzer and see a new network analysis tool ... Better Management for Network Security ...
    (Focus-Microsoft)
  • Re: Deploying patches with a script
    ... > to deploy patches and hotfixes across a network through scripts. ... I didn't want to spend as many hours patching machines with KB824146 exploit ... Setup a network share with full privileges for the account you will patch ...
    (microsoft.public.security)
  • Re: maccies - living in the past.
    ... not at any point prior to infection hooked into our network. ... our web server was completely isolated from our network. ... install - no patches applied yet), I find it unlikely that it is ...
    (comp.sys.mac.advocacy)
  • Re: maccies - living in the past.
    ... not at any point prior to infection hooked into our network. ... our web server was completely isolated from our network. ... install - no patches applied yet), I find it unlikely that it is ...
    (comp.sys.mac.advocacy)