CLIENT STORY
Electrosoft is executing a patch management solution for a Department of Defense (DoD) agency that maintains enterprise software for 55,000 endpoints.

PROBLEM
Supporting the warfighter with globally accessible enterprise software, mobility solutions and information-sharing capabilities has multiple challenges. They include the continuous evolution of the Microsoft and Linux computing environments, the demand for rapid response to cyber threats and continuous pressure to reduce costs. Timeliness is critical in identifying issues, validating them and deploying patches to mitigate network vulnerabilities. 

SOLUTION
Electrosoft is devising an approach that complies with Information Assurance Vulnerability Alert (IAVA), US-Computer Emergency Response Team (US-CERT) and third-party software notices for both Non-classified Internet Protocol Router (NIPR) and Secret Internet Protocol Router (SIPR) networks. Our approach employs three key elements: automating package development, imaging Windows-based workstations and timely package delivery.

1. Automating Package Development: We’re creating scripts to automate and test software deployment packages using tools such as Application Deployment Toolkit, PowerShell, Microsoft Installer (MSI) and System Center Configuration Manager (SCCM). 
2. Imaging Windows-Based Workstations: We’re using Assured Compliance Assessment Solution (ACAS), Tanium and other network vulnerability scanning, configuration assessment and network discovery tools to assure that images are up-to-date and workstations meet DoD requirements for Security Content Automation Protocol (SCAP), and Desired Configuration Manager (DCM) packs for SCCM. 
3. Timely Package Delivery: After vulnerabilities are identified and packages have been validated, they must be delivered to distribution points (i.e., servers) in the network. Our approach uses Nomad (or similar products) to effectively cache the packages and deliver them to the endpoints faster and at lower lifecycle cost.

RESULTS/BENEFITS
As of October 2019 on this ongoing effort, Electrosoft had successfully managed over 55,000 DoD endpoints and deployed thousands of packages to provide users with up-to-date features and functions while defending the network against cyber threats. We will continue to work with the government to find new methods that exploit discovery tools and automation to proactively sustain the network and support the warfighter.