ฺฺBasic Plan

This plan provides patch management services for a minimum of 100 devices/servers. Our services cover the design, architecture, deployment, and consulting aspects of patch management. The service operates automatically for supported Microsoft products, with the following features:

•  Silent automatic installation of patches and updates.

•  Updates for third-party applications.

•  Installation of hotfixes and security patches.

•  Uninstallation of applications/updates.

•  Standardizing software across the organization.

•  Automatic removal of unauthorized applications or software.

•  Management of inventory data and system configurations.

•  Automated scheduling of patch updates with alerts and reporting.

•  On-the-job training for internal IT teams to ensure smooth operations.

Standard Plan

Building upon the Basic Plan, the Standard Plan expands services to include:

• Regular vulnerability scanning (quarterly).

• Patch management for Linux, MacOS, and iOS devices.

• Enhanced server security through security hardening.

• Automated operations and management for all active Microsoft products.

This plan is ideal for businesses requiring additional security measures and multi-platform support.

For Red Hat Linux environments, our system engineers follow these steps to ensure secure patching:

• CIS Standard Scanning: Conduct CIS scans to identify security vulnerabilities.

• System Hardening: Customize configurations to enhance server security.

• Manual Patch Updates: Apply patch updates manually with minimal disruption to system operations.

For MacOS and iOS devices, we manage patching using SimpleMDM, a mobile device management solution that provides automatic updates for Apple devices.

The Premium Plan offers comprehensive services for End-of-Life (EOL) and End-of-Support (EOS) systems with advanced security measures, including:

• Layered Security Measures** for unsupported systems.

• Virtual Patching** via TrendMicro technology to protect against vulnerabilities.

• Monthly Vulnerability Scanning to identify and resolve potential issues.

• Patch Management and Security Hardening services for servers, as outlined in the Standard Plan.

This plan is ideal for organizations with legacy systems that require advanced security measures to mitigate risks.

Microsoft Products at EOL and EOS

For EOL or EOS versions of Windows, we recommend the following steps:

Upgrade Guidance: Assistance with upgrading systems.
Protection Services for Non-Upgradable Machines: For systems that cannot be upgraded, we offer the following security enhancements:

•   Network Segmentation: Isolate vulnerable machines from other network segments.

•   Perimeter Protection: Secure the network boundary with dedicated firewalls.  

•   Port Management:

•   Conduct a full port scan.

•   Close unused ports to reduce the attack surface.

•   CIS Vulnerability Scanning and Hardening: Perform CIS standard scans and secure the system according to best practices.  

• Endpoint Protection (TrendMicro Virtual Patching): Install TrendMicro virtual patching to protect against unpatched vulnerabilities on outdated systems.