Operating system & software version management
Automated & audit-proof documentation of operating system and software versions
Free trial In a nutshell NIS2 🇩🇪Motivation
- Enterprise architecture - Verification of compliance with the specifications defined in the IT master plan.
- IT security - Detection of deployed product versions with known IT vulnerabilities, unintentionally installed products for system hardening or used products that have reached the end of their service life and for which support and maintenance is no longer available.
- IT operation - Identify changed versions of products in use in the IT landscape that could be the cause of an existing or impending problem.
- Change management - Check whether a change ticket exists for the version change and whether it is a planned change. Otherwise, it is an unplanned change.
- Cost allocation - Detect the execution of an update service and bill the owner for it.
Technical solution
Technical solution
A practical implementation example is demonstrated using the Versio.io solution. Versio.io is a change detection and post-processing platform.
For the technical implementation, a Versio.io OneImporter must be installed on each host. This agent performs version queries fully automatically and at configurable intervals.
The OneImporter sends the data with the software products and versions to the Versio.io platform. The platform determines whether changes have occurred, saves the change and executes post-processing triggered by the change.
It is possible to include all software products installed manually or with the package manager in the version query. For this purpose, Versio.io provides an extensive knowledge database for the version query of known software products. This can be expanded to include customer-specific and unknown products.
A practical example
A practical example
The following example shows an operating system of a host with the detected versions of the software products installed on the host. These can be manual or package manager-based installations.
The lower box with the timestamp "17 minutes ago" shows the status of the software versions initially detected with the Versio.io OneImporter. Subsequently, an operating system update was carried out by the author. In the cyclically executed version detection by the OneImporter, all changed versions were automatically recorded and documented after the update. This can be seen in the box below with the time stamp "8 minutes ago".
Based on these detected changes of the software versions, a fully automated post-processing in Versio.io can now take place (see quotation marks in motivation section).
Summary
- The continuous determination of the version of software products in use is relevant for the stability and security of enterprise companies.
- For reasons of efficiency and error-proneness of manual collection, version determination should be automated.
- The ability to assess and post-process changing software versions enables the feasibility of many IT use cases. Automation is also indispensable here due to the mass of data to be processed and the error-proneness of manual execution.
- The auditor of the next certification will be very pleased with the detailed recording of version information and its changes for the software products used.
Content repository - product release & end-of-life
A daily updated, centralised and harmonised content repository of versions, releases and patches of software and hardware products as well as their end-of-life (maintenance, support) information.
Supported product releases & end-of-life
Overview of supported product versions & End-of-Life (EoL) information in the Versio.io content database.
Versio.io supported enterprise technologies
Versio.io supports a wide range of hardware & software technologies to help organizations automate inventory, reporting, compliance and management of the IT landscape.
Author | April 2022
Keywords