• 1. Discover - Gain complete visibility of your heterogeneous network environment. Proactively discover all of your IT assets, both managed and unmanaged, through in-depth scans and flexible grouping and classification options.
• 2. Assess - Proactively identify known issues before they can be exploited. Perform a deep analysis and thorough OS, application and security configuration vulnerability assessments.
• 3. Prioritize - Focus on your most critical security risks first.
• 4. Remediate - Automatically deploy patches to an entire network. Simplify the process of maintaining a secure environment by continuously monitoring, detecting and remediating policy-driven environments across all major platforms and applications.
• 5. Report - Gain a holistic view your environmental risk. Access a full range of operational and management reports that consolidate discovery, assessment and remediation information on a single management console.

• Features Web-, role- and workflow-based navigation to simplify and optimize endpoint operations. Seamlessly integrates with other Lumension Endpoint Management and Security Suite product modules.

• Reduces administrative burden with a single, intuitive management console for easy patch and remediation administration across multiple platforms and many applications.

• Provides comprehensive understanding of security posture for inventory and management of both physical and virtual environments via in-depth assessment of vulnerabilities, patch status, security configurations, installed software, and hardware inventory.
• Discovers both managed and unmanaged devices and provides swift agent deployment to any unmanaged assets.

• Collects device, security and configuration information to provide consolidated visibility and lower TCO.
• Ensures visibility and control of both physical and virtual environments with effective management at a significantly reduced TCO.

• Vulnerability audits and remediation with wide support across major OS platforms (Windows, including Windows 7 and Server 2008 R2; Linux; MacOS; Sun Solaris; HP; etc.), POSIX and infrastructure devices, as well as third party applications, including Adobe software — all from one single console.
• Vulnerability audits include security configurations, OS and application vulnerabilities, null passwords, patch-level related vulnerabilities, known hacking tools, malware, common worms, and P2P software checks.

• Enforces corporate patch policies regardless of the endpoint platform or applications.
• Optimizes IT operations and provides an improved security posture and reduced TCO via a broad vulnerability assessment and remediation database.
• Eliminates software-defect vulnerabilities per policy on all platforms.

• Automatically enforces patches, configurations, remediations and other custom and repetitive tasks.
• Baseline policies can be easily exported and applied across multiple groups and servers for consistency.

• Ensures that patches, configurations, remediations and other custom and repetitive tasks are continuously and automatically enforced.
• Simplifies the recreation of previous mandatory baseline policies and ensures consistency across the network.

• Provides detailed information across the patch and remediation management process, including agent policy status, vulnerability deployments, asset inventory and more.

• Delivers insight into the security status of the organization.

• Enables rapid response to internal or regulatory compliance requirements.

• Ensures complete coverage for the largest worldwide networks with high-availability topologies and n-tier distribution architecture. Packages are cached locally, minimizing network traffic and optimizing bandwidth utilization.

• Leverages your current network infrastructure in order to reduce TCO from day one of implementation through the life of the subscription.
• Adapts to various organizational setups, so you can always integrate the scanner into new business structures.
• Ensures inventory and management of both physical and virtual environments from one consolidated console.

• Enables the Patch Management Administrator to delegate/ approve patch management activities/ information across multiple employees, based on the employee’s role or security level.
• Ensures that all systems meet a mandatory baseline policy – a key aspect of corporate security and regulatory compliance.

• Enables you to set specific policy and enforcement for each group in the enterprise.
• Provides maximum policy flexibility with automated enforcement, saving both time and effort by IT staff.

• Significantly improves productivity while maintaining security.

• Supporting open standards and multiple sources of content, Lumension Patch and Remediation delivers a customizable and diverse platform for operational security management.
• Seamlessly manages third party vendor content and automatically detects and obtains prerequisite patches.

• Single tool's extensibility addresses the needs of customers and provides flexibility to easily accommodate new software and initiatives as they arise.
• Automates the management and reporting of Lumension and third party licensed content and prerequisite patches without complex or manual credentials management.

• Resilient, lower overhead agent with scalable architecture to secure on- and offline systems.
• Provides easy agent install and uninstall capabilities.

• Protects laptops, servers, and desktops that are often disconnected from the network and reduces network bandwidth usage.
• Resilient agent offers self-monitoring and recovery capabilities for increased security.

• Enables "wake now" capability for specific devices at any given time to deploy highly critical patches or urgent software updates.

• Eliminates blind spots in ongoing network maintenance and ensures that offline machines receive critical patches and software updates.
• Ensures the attainment of maximum energy efficiency when used with power policies via Lumension Content Wizard.

• Dynamic creation of groups based on existing Microsoft Active Directory environments with cascading inheritance for agent policy, mandatory baseline and user permissions.

• Saves time and reduces TCO by integrating with Active Directory which eliminates the need to recreate the logical organization of systems.

• Automated deployment of the Lumension remediation agent to unmanaged (rogue) computers.

• Ensures maximum coverage and protection, with minimal time and effort required by IT operations.

• E-mail alerts can be sent to administrators to notify them of a variety of issues, including subscription or remediation failures, upcoming license expiration and more.

• Improves security through the timely response to issues.

• Improves administrative productivity through proactive, automated alerts.

• Administrators can define specific days and intervals of time during which the agent can communicate with the server and perform operations, in granular half hour increments

• Minimizes business disruptions and thus improves the productivity of the organization.

• Creates custom computer groups based on the enterprise’s needs.
• Allows the administrator to represent multiple layers of geographical or organizational structure within the solution.
• Hierarchical "Nested" Grouping.

• Enables you to increase deployment accuracy and IT efficiency by employing an organized approach via custom groups.

• Reduces agent and group configuration efforts through more efficient creation and management of agents within groups.

• Facilitates the deployment of group-specific patches according to your corporate policy.

• Enables creation of a custom dash board for the most critical information in order to highlight the success of your organization's patch management process from a list of 8 key indicators.

• Provides an informative snapshot of current patch status in order to report to executive management.

• Delivers multiple patches to multiple computers in one distribution.

• Simultaneously eliminates multiple vulnerabilities are simultaneously eliminated while minimizing IT costs.

• Automatic and secure identification and notification of the latest patch vulnerabilities across multiple platforms and applications.

• Eliminates the cost of manually monitoring, acquiring and staging patches for multiple platforms and applications throughout the enterprise.

• Ensures systems stay patched and are automatically updated.
• Ensures unauthorized packages are not able to enter your network.

Note: Lumension Endpoint Management and Security Suite must be installed on an English operating system using any English locale (en-US, en-UK, en-CA, and so on) in its default configuration.

Note: If not present, Microsoft .NET Framework 3.5 is installed with Lumension Endpoint Management and Security Suite.

Supported database servers can be installed in the following locations relative to the Lumension Endpoint Management and Security Suite server:

• Locally in named instances installed by Lumension Endpoint Management and Security Suite.
• Locally in named or default instances that are preexisting.
• Remotely in named or default instances that are preexisting.

Note: If an instance of SQL Server is not present on your target server, SQL Server 2008, Express Edition with SP1 is installed with Lumension Endpoint Management and Security Suite (if you are not using a remote instance of SQL Server)