10 Replies Latest reply on Feb 28, 2017 5:16 AM by Thom.Turner

    Shavlik Protect 9.3 questions

    kaanfu Rookie

      Hi,

       

      I have few questions about shavlik protect 9.3:

      • When will it be released?
      • What are the new features?
      • Will we finally be able to patch Linux machines(ubuntu, red hat, suse)?
        • Or will there be somekind of integration to linux patch management, such as puppet?
      • Will we get integration to vulnerability scanners?
      • Will agent-based machines finally get same features as agentless machines, such as custom actions, remote dialog, ect...?
        • 1. Re: Shavlik Protect 9.3 questions
          cwinning CommunityTeam

          Jimmy,

           

          I think this is best answered by a Product Manager, however they are all attending our yearly Sales Kickoff this week.  I'll forward a note to them and they will post a response as soon as they are available to do so.

           

          What I can answer is we are currently in Alpha testing for our new API Feature. The API feature exposes the Shavlik Protect API stack. You can execute API-level calls from the command-line or from a PowerShell console.

           

          Thank you,

          Charles

          • 2. Re: Shavlik Protect 9.3 questions
            cwinning CommunityTeam

            Hello,

             

            Apologies for the slow reply here.

             

            • When will it be released?
              • The targeted release of 9.3 is the end of Q1 2017. We are currently in an Alpha testing phase to let those users who are very interested in the API feature set start playing with it and providing feedback. If you are interested in this, please post your email address and I will send you an invite. If you are interested in being a part of the Beta release, let me know that as well and I will have you added to the list. We hope to go Beta sometime in February.

             

            • What are the new features?
              • API calls for Scan, Deploy, Power State, Wake on LAN, Patch Group, Credential Management.
                • Facilitate integration with Vulnerability Scanners.
                • Facilitate integration with Orchestrators.
                • Allow scripting of complex scenarios with many dependencies on other machines (Clusters, F5 server pools, tiered applications, etc…)
              • Ability to group Machine Groups, Patch Groups, Templates in a hierarchical structure in the left navigation folder path
                • Groups can be moved by drag and drop.
                • Ability to execute a Run Operation on any level in the hierarchy and it will include all children below that level.
              • Snapshot Cleanup as background task.
                • Schedule cleanup independent of a deployment task
              • Stage Deployment as a separate schedulable step
                • 4 discreet schedulable points in patching process (Scan , Stage, Execute and Reboot – in deploy template)
                • Set initial scan time and set an offset which is with respect to the scan time (if offset time is passed, the next task will start immediately after the previous task completes)
              • New IAVA reports
                • Machine Compliance and Machine Non-Compliance
              • New Query to support download of missing patches
              • Thread Management
                • Global setting to allow a global maximum thread count per CPU
              • Search Features extended to more areas
                • Machine Group > Hosted Tab
                • Scan View and Machine View in the Patch Pane
              • New Group and Filter options in grids
                • Ability to fliter out by headers so that Information and Service Pack Missing items can be hidden.
                • Ability to do more elaborate filters across multiple columns and to do group by options to group by any column

             

            • Will we finally be able to patch Linux machines(ubuntu, red hat, suse)?
              • With the acquisition of HEAT, we will have a Linux patch solution to offer.
            • Or will there be somekind of integration to linux patch management, such as puppet?
              • With the acquisition of HEAT, we will have a Linux patch solution to offer. We have future plans to have a better integration of the best technologies across all of our products.

             

            • Will we get integration to vulnerability scanners?
              • With the API feature set you are able to integrate with vulnerability scanners. A scan result set from a vulnerability scanner can be brought into Protect via the 9.3 API feature set to create a patch group of available missing patches that were identified by Protect as needed to address as many of the vulnerabilities as possible.

             

            • Will agent-based machines finally get same features as agentless machines, such as custom actions, remote dialog, ect...?
              • This was not in the scope of the release.

             

            Thanks,

            Charles

            • 3. Re: Shavlik Protect 9.3 questions
              karlis.melderis Rookie

              Please add me to beta test.

              I guess alpha is closing up as it's Feb already

               

              hope you will find my e-mail in profile!? not sure if it's wise to post it all over in Internet

              • 4. Re: Shavlik Protect 9.3 questions
                cwinning CommunityTeam

                Hello,

                 

                Please send an email to beta@shavlik.com, this will be routed to the Product Manager controlling the beta invites.

                 

                Thanks,

                Charles

                • 5. Re: Shavlik Protect 9.3 questions
                  karlis.melderis Rookie

                  I think we are missing very crucial feature in the list

                  Integration with password management tools (for us that would be Secret Server)

                   

                  I'm using other tools like Remote Desktop Manager (Remote Desktop Manager - Remote connection and password management software ) and integration with Secret Server makes it super easy to work with accounts that are managed with Secret server and password is changed all the time.

                  Currently we need to update password for standalone servers before every patching session and it's big pain.

                  if new version could include option to link secret from SS to machine in Shavlik lot of time will be saved and our security team will be way more happy.

                  • 6. Re: Shavlik Protect 9.3 questions
                    karlis.melderis Rookie

                    and 2nd feature what Shavlik is missing:

                    Build Machine groups based on LDAP queries.

                     

                    we have customers where it's impossible to change OU structure just due to Shalik.

                    It's not even considered and seen as a joke

                     

                    so apart from importing CSV files or managing groups server by server good option would be to play with LDAP queries to pull in needed servers.

                    • 7. Re: Shavlik Protect 9.3 questions
                      cwinning CommunityTeam

                      Hello,

                       

                      I would suggest submitting a feature for the integration to password management tools.  It's too late to include in Protect 9.3, but maybe 9.4 would be a candidate.  In Protect, go to Help > Submit a feature request.

                       

                      You can setup Protect's Patch Group to build based on the OU instead of manually adding the machines. The list of machines included in the scan would be based off of OU instead of a static list of machines.  In other word, the scans would include\ignore any machines added or removed from the OU.

                       

                      An OU added in Organizational Unit tab is what I'm referring to:

                       

                      Thanks,

                      Charles

                      • 8. Re: Shavlik Protect 9.3 questions
                        karlis.melderis Rookie

                        This OU option is exactly what I cannot use due to business reluctant to change OU structure just because of Shavlik.

                        We need another more flexible way - LDAP queries.

                         

                        Thus I can pull in servers that are members of certain group or have needed naming pattern. basically all LDAP query can handle.

                         

                        And please don't ask to submit feature request. I did it at least twice and it's a notorious black box with no feedback nor progress on features.

                        • 9. Re: Shavlik Protect 9.3 questions
                          cwinning CommunityTeam

                          Hello,

                           

                          I will pass this feedback to Product Managers and request some feedback.

                           

                          Thanks,

                          Charles

                          • 10. Re: Shavlik Protect 9.3 questions
                            Thom.Turner Rookie

                            Please please include AD integration in the next release, patch by AD groups is a must! I have also submitted a request (RE-2743) almost a year ago. As Karlis mentions this feature request feels like a black hole! Zero feedback, after a wile you wonder why you bother.

                             

                            Ideally Shavlik should post feature requests to the community and we can vote on which ones we would like to see developed, The request with the must votes go through to feasibility by the developers. That way you make a product which your customers want. Please engage more.