SrikantRajeev
asked on
Virtual Patching
Have any one worked on Virtual Patching solution & how it is effective.
Can any one share how it works & how different from the normal patching solution ?
What are the advantages of the Virtual patching & how it over comes the normal patching solution ?
Can any one share how it works & how different from the normal patching solution ?
What are the advantages of the Virtual patching & how it over comes the normal patching solution ?
ASKER
thanks
can i get documents related to Visualization. How is it useful & helpful for the visualization platform.
can i get documents related to Visualization. How is it useful & helpful for the visualization platform.
You may need to post another question for that... do you mean virtualization?
ASKER
yeah virtualization
Relevant to the conversation here, whether a service (web server, etc.) is hosted on physical or virtual hardware, the general benefits remain the same. See the first benefit provided above relating to scale. Virtualization allows for more services and operating systems to be hosted on physical hardware. For example, one hypervisor (aka virtual machine manager (VMM)) hosting 5 independent web servers on one physical server vs. one physical server dedicated to hosting one web server. A properly placed virtual patching appliance could now patch the 5 web servers instead of one (due to the benefits the VMM) using the same hardware. These are distinct and unrelated technology/layers which simply share commonality in name. See http://en.wikipedia.org/wi ki/Virtual ization for more information on virtualization.
ASKER
Have you worked on any specific product for the virtual patching.
If so what is that product.
If so what is that product.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks
Here are some best of breed WAF's:
Barracuda Web Application Firewall
Check Point Web Intelligence
Another free solution to try: VasPatch
Barracuda Web Application Firewall
Check Point Web Intelligence
Another free solution to try: VasPatch
See https://www.owasp.org/inde
The following paper from SANS is also useful:
reducing-organizational-risk-vir.pdf
**All text taken from source cited above.