product datasheetcoNFIGuratIoN MaNaGeMeNt

reduce costs and attack-related downtime BMC Patch Manager enables the management and deployment of security and functional patches on desk tops, laptops, PDAs, and servers across the enterprise. By automating critical patch management functions, such as patch collection, preparation, testing, staging, deploy ment, and auditing, BMC helps administrators save time, improve response times, and reduce attack-related risks. BMC Patch Manager is a key product within BMC® Change and Configuration Management, a collection of closed-loop solutions that automate the change request, authorization, implemen--tation, and verification of any change-related request according to user roles and corporate policies.

BMC Patch Manager automatically collects and stores patch information from multiple sources, including OS vendor sites, such as Sun Microsystems®, Hewlett Pack ard®, IBM®, Microsoft®, and Red Hat®, as well as third-party repositories, such as Shavlik®, thereby reducing the costs associated with manual patch tracking, reporting, and analysis.

Administrators can view a normalized dis play of all available patch data, including patch depend encies, through a common user interface, and can customize the patch information, such as severity levels and de scriptions. They can filter patch data, sort by MITRE’s Common Vulnerabilities and Exposures (CVE) ID for Microsoft patches, and set policies to automatically re ceive e-mail or visual alerts of new patches.

BMC Patch Manager provides patch-testing capabilities that allow administrators to group test patch installations within sample environments. By simulating the instal-lation of a patch, administrators can minimize risk by analyzing the impact the patch will have on an endpoint and identifying patch conflicts or other problems be fore the patch is rolled into production. With the patches tested and ready for deployment, administrators can

use the application’s comprehensive inventory to collect de tailed information about endpoints, including both hard ware and software details, and about patch information, such as installed patches, missing patches, service packs, hot fixes, and anti-virus software.

Administrators can deploy patches based on security policies for ongoing operations or specific tasks for emer gency deployments. Once a patch policy is de--fined, BMC Patch Manager can automatically target machines that become eligible for patch distribution. The BMC Patch Manager Policy Engine not only facili-tates the initial installation of the patch, but also continu ally monitors the patch to ensure that it remains installed on managed endpoints.

Additionally, the Intelligent Patch Installer enables administra tors to target patch groups based on roles or reporting structures, as opposed to individual patches, to machines, users, or groups of machines. Then, it automatically identifies and pulls down relevant patches for a given endpoint. This eliminates the need for administrators to spend hours determining what patches should be installed on which machines. Adminis trators can then use the application’s reporting capabili ties to audit the state of patch and security compliance across the enterprise.

a reliable, scalable solution BMC Patch Manager leverages the reliability and scal-ability of a proven change management infrastructure, making it the premier patch management product avail able today. Whether an enterprise has 1,000 or 100,000 endpoints, BMC Patch Manager can auto--matically pack age and deploy patches with unmatched reliability and efficiency. This equates to first-time deployment success rates as high as 99 percent or better — even across a distributed, mobile population. And by adding client-side intelligence through the Intelligent Patch Installer, BMC Patch Manager provides

BMc patch Manager Automate patch management to reduce security threats, virus-related downtime, and business vulnerabilities

BMc® patch Manager (formerly known as Marimba® patch Management from BMc software) has been recognized in the sQL server 2005 read ers’ choice awards

> Provide patch and security compliance across your enterprise by rapidly detect ing vulnera--bilities and performing auto matic remediation across major operat ing systems

> Dramatically reduce the maintenance and support cost spikes associated with manual patch detection and installation

> Increase employee productivity through con--tinuous operations for local and geo graphically distributed employees

> Automatically verify and report on current deployment status of any system under manage-ment for compliance reporting

the ever-increasing threat of virus attacks and security breaches place organizations at risk for potentially devastating business losses and network downtime. these risks make it critical for enter prises to continually scan and detect vulnerabilities, and rapidly deploy updates to protect their systems. such fixes can be time consuming, costly, and inefficient — especially when deployed without consideration for user roles or corporate change management best practices. BMc® patch Man ager identifies vulnerabilities, automatically delivers critical patches and fixes to thousands of endpoints, and verifies deployment success.

unmatched speed in patch deployment. In addition, the application’s policy-based distribution delivers the highest patch support cost reduc tions by automatically identifying patches that are miss ing, and dynamically targeting and deploying the patches to endpoints across the enterprise.

summary BMC Patch Manager provides IT personnel with the ability to proactively manage the distribution of patches, including functional, anti-virus, and security patches, lowering the cost of patch management, protecting employee productivity, and reducing downtime as--sociated with virus attacks.

Policy Compliance View

Features > Patch Collection

– Automated collection of patch information

– Automated verification of patch signatures

> Patch Analysis

– Normalized display of patch information

– Auto-filtering of patches

> Patch Testing

– Simulation-based impact analysis of a patch installation

– Display of patch conflicts and install order

> Patch Auditing and Reporting

– Collection of hardware, software, and patch state across UNIX, Linux, and Windows

– Dynamic grouping of patch targets based on inventory information

> Patch Deployment and Compliance

– Unique Intelligent Patch Installer tech nology that speeds up patch installa tion

– Ability to identify and pull down relevant patches based on the operating system (OS), application, and other patches

– Continuous, policy-based enforcement to ensure that a patch always stays installed

> BMC Patch Manager leverages a reliable, scalable, and proven change management infrastructure, making it the premier patch management product available today.

POWERED BY

> BMC Patch Manager is the preferred cross-platform patch solution for Red Hat, and the only one to be certified by Red Hat for updat ing Red Hat Enterprise Linux machines.

P O W E R E D

> BMC Patch Manager has passed the Common Criteria® EAL3 certification. Developed by the National Information Assurance Partnership (NIAP), this certification is an internationally recognized standard of application security.

available products: > BMC® Patch Manager for Clients

> BMC® Patch Manager for Red Hat Enterprise Linux Servers

> BMC® Patch Manager for UNIX Servers

> BMC® Patch Manager for Windows Servers

BMc solution packages with patch Management:> BMC® Configuration Manager for Clients

> BMC® Configuration Manager for Servers

about BMc softwareBMC Software helps IT organizations drive greater business value through better management of technology. Our industry-leading Business Service Management solutions ensure that everything IT does is prioritized according to business impact, so IT can proactively address business requirements to lower costs, drive revenue, and mitigate risk. BMC solutions share BMC® AtriumTM technologies to enable IT to manage across the complexity of diverse systems and processes — from main--frame to distributed, databases to applications, service to security. Founded in 1980, BMC Software has offices worldwide and fiscal 2005 revenues of more than $1.46 billion. BMC Software. Activate your business with the power of IT. For more information, visit www.bmc.com.

For more information, visit www.bmc.com.

BMC Software, the BMC Software logos and all other BMC Software product or service names are registered trademarks or trademarks of BMC Software, Inc. All other registered trademarks or trademarks belong to their respective companies. ©2005 BMC Software, Inc. All rights reserved. 62442

*62442*

Enterprise

Distribute

Test andAnalyze

Audit andCompliance

Firewall

Collectthird-party

patches

AutomatedEnforcement

Automated patch policy enforcement