About Ivanti Patch and Compliance Manager content

Version 11

    Verified Product Versions

    LANDESK Management Suite 9.6LANDESK Management Suite 2016.xLANDESK Endpoint Manager 2017.x


    How often does Ivanti release 3rd Party vulnerability content?

     

    The patch content team has a monitor tool that monitors all 3rd party content twice a day.

    When it finds an update for the 3rd party the patch content team is notified and work begins on the definition content.

    Typically release of the content definition will be within 24 hours of the group receiving the notification.

    If the update is not critical it may take more time if they are released on a weekend or on a public holiday.

     

    Where does the Ivanti patch executable content come from?

    Ivanti downloads the patches it deploys from the vendors’ web sites.

     

    What vendor sites are used for downloading patches?

    This list can be updated  daily (depending on vendor and patch availability)

    The following article details the complete list, and is accurate to the date on the filename of the .XLS file:

    http://community.LANDESK.com/support/docs/DOC-1594

     

    How can I see what download paths patches are coming from?

    A current detailed list of URL's can be obtained by running a simple database query:

     

    select url from patch"
     

     

    The following article details the complete list of URL's, and is accurate to the date on the filename of the .XLS file:

    http://community.ivanti.com/support/docs/DOC-9638

     

    Most of the patches are downloaded with HTTP:// with a small number coming from FTP://

     

    What is Ivanti's Process for downloading Content through Security and Patch Manager?

    • Ivanti receives notification of a Patch

    • Ivanti will download the patches from the application vendor’s site.

    • Ivanti does not validate or test patches published by a third party vendor. It is the responsibility of the third party vendor to maintain the validity of the patches published on their websites.

    • Ivanti hashes the "official" patch made available by the vendor.

    • The file hash is to ensure that the patch downloaded from the vendor is the same file provided for remediation. This insures that the patch is authentic and has not been modified for malicious reasons or otherwise.

    • Ivanti creates vulnerability information including detection, install and uninstall commands, and the patch download location.

    • The Vulnerability Information is published to the Secure Ivanti content server.

     

    What process does the Ivanti Core Server follow when downloading Patch Content?

    • Vaminer.exe connects to the selected secureIvanti content server (West coast, East Coast, EMEA).
    • Connection to secure site is verified through a secure certificate.
    • Vulnerability definition information is downloaded directly from Content servers e.g. patch.LANDESK.com.
    • Patches are downloaded directly from the vendor’s site (with redundancy falling back to the Ivanti content servers for certain patches – (see the next question for more details) provided that the file's hash matches the hash created when Ivanti created the content.

     

    Does Ivanti mirror ALL patches specified in vulnerability content?

    Most if not all Microsoft patches are hosted on the Ivanti content servers. There are some Mac patches that are also hosted, usually large file downloads. The hosting of these patches provides a limited backup of the most accessed patches from these two main vendors. Some patch content cannot be legally hosted on the patch content servers and require they be downloaded directly from the vendor's web site (Example: Java patches and other Manual Download patches). These files, however, are still hashed in the Ivanti vulnerability definition to provide the same level of file authenticity as files hosted on the content server.