Virtual patching: a way out of the patch maelstrom

By Tim Ayling, Director for Channels and Marketing, Trend Micro

One of the biggest problems data centre owners have today is patching.

It’s a burdensome, costly, and time-consuming affair that’s often done manually and, given the current threat landscape, can leave mission critical systems open to new threats for dangerously long periods. Typical datacentres today may be running systems from a hotch potch of vendors that need patching, all with different schedules and different levels of criticality. Oracle’s patch load is legendary, while Microsoft’s Patch Tuesday is written on the calendar of most system administrators in double thick red pen.

Add to this complexity the fact that many systems are going out of support and no longer have patches issued you get another headache for the IT department. Then try multiplying this a thousand fold in the environment of a cloud service provider, tasked with keeping secure a data centre servicing hundreds of thousands of users.

These businesses are increasingly differentiating on the security and stability of their services – in this context a missed patch could lead to a serious outage or security incident, bad headlines and an exit of customers.

Today’s patch managers have an unenviable task, not least because of zero day threats. As soon as a vulnerability has been discovered or publicly announced the clock is ticking. Make no mistake; the bad guys have their own SLAs to produce an exploit before the vendor gets there first with a patch of their own. It’s then the job of the overworked system administrator to make sure their systems aren’t exposed, and in virtual environments it can be even more challenging.

The most important thing to remember is that security teams can’t shoe-horn their tried and tested physical security tools and techniques into virtual environments.

It needs to be virtual patching. If organisations simply don’t have the resources to patch more often than every 3-6 months, virtual patching can provide a sticking plaster to fix the issue and protect the relevant systems from vulnerabilities until those patches are applied. It should be an agentless virtual patching system which protects at a hypervisor level, because inserting agents onto each VM will degrade performance.

The benefits are obvious. It’s all about performance, cost and security. If automated, virtual patching can save valuable man hours, as well as extend the lifespan of legacy applications which are no longer supported, and reduce the business disruption caused by emergency patches.

More importantly, for the cloud provider it means peace of mind and knowing your customers are safe.

+ posts

Meet Stella


Related articles

The Metaverse: Virtually a reality?

Metaverses have the potential to enable virtual worlds to expand beyond the gaming genre to encompass all manner of social and commercial activities.

Cybersecurity and Cloud: A Look Back at 2022 and What to Expect in 2023

Businesses are continuously reassessing their resources and options to fill their tech stack. In this competitive digital landscape, the innovative use of technology will be something that would generate a competitive advantage for organisations.

Shopping for Data: Ensuring a seamless user experience 

This combination can drive a business’s data culture and provide a structured approach for businesses to benefit from data intelligence across their operations, with only a few clicks.

Unveiling the Top 10 Cybersecurity Threats to Watch Out for in 2023

As technology advances, so do cybercriminals' methods to gain unauthorised access to sensitive information. With the increasing reliance on technology in both personal and professional settings, it is crucial to stay informed about the top cybersecurity threats to watch out for in 2023.

Is sustainability ‘enough’ from a Cloud perspective?

The idea of uprooting entire sustainability initiatives that took years to formulate and deploy is unsettling for businesses but, in truth, it doesn’t have to be so revolutionary.

Subscribe to our Newsletter