What if you could mimic the function of a patch on the network instead of rushing to test and deploy the actual patch right away? That’s what triggered the whole idea of inline patching. Blue Lane takes a whole new approach to the way we can respond to vulnerabilities that require immediate patching.

Changing The Way Patching Is Done
Don’t confuse Blue Lane with a traditional patch-management solution like Big Fix. While they do a very good job in distributing and managing the patch roll-out process, which is ok if you are ready to do so – they can’t take away the risk of testing the patch or breaking something once it is deployed. Especially on servers that run critical services, you can’t afford to roll-out an untested patch, but yet at the same time you need to respond to the onslaught of new vulnerabilities.

How Does It Work?
Once the appliance is deployed it goes into discovery mode on all network reachable servers. It looks for servers and retrieves the appropriate information such as OS version and patch levels. Note that all this is – agentless, you don’t have to install any software on the server. The discovery can be done in a automated fashion or manually where the administrator adds servers via the Blue Lane interface. It’ll then build a chronology of what patches are installed and which ones are missing.

Discovery Mode allows administrators to identify OS versions and corresponding patchlevels

Quick Installation
A typical deployment of the Blue Lane appliance can be done rather quickly, within a couple of hours the appliance can be online and ready. Most customers turn on automatic inline patching so that patches are applied automatically. According to Blue Lane, configuration and management is straightforward and doesn’t require additional training for administrators.

Integration with Oracle
Blue Lane currently covers operating systems and server applications such as Apache, Bind, IIS, Oracle. They are also looking into adding additional services such as application servers. Blue Lane wrote an integration plugin for Oracle’s Enterprise Manager Grid Control, this allows management of Blue Lane devices within the Oracle framework

Breathing Room For Administrators, Instant Security
Some of the typical benefits that customer experience are a) not having to do with the monthly patch cycle and the associated cost savings of that and b) increased availability because server and applications can continue to be available and you don’t run the risk of shutting down a service due to a bad patch. Keep in mind that all of that happens instantly, you get security right away, rather than waiting weeks to get a patch tested and deployed. “Prior to using Blue Lane - our customers told us that - they where happy if they could deploy a patch within a week. Most enterprise organizations, have their own test labs where they do extensive regression testing before they can deploy a new patch, so it’s not so much about the patch itself but rather what could happen during the installation or once the new patch is deployed,” said Fred Kost, VP of Product Management at Blue Lane.

Take a look at which patches are applied

Customers Not Affected By New Vulnerabilities
Some of Blue Lane customers are service providers that are managing hundreds of business customers within their data centers. They immediately saw a big reduction in downtimes which translates directly to revenue and increased customer satisfaction. This essentially changed their business model according to Greg Ness, VP Corporate Marketing at Blue Lane: “One customer did an analysis after some of the recent Microsoft vulnerabilities were ripping through the internet and they found that all the systems that where under Blue Lane protection did not get affected at all - despite not having the actual patch deployed. We also found that in particular companies that have combined security and operations into one group will benefit from the methodical and manageable process that Blue Lane is providing. Customers will still apply the actual patch, only now they can do that in an orderly manner while still being protected.”

Two Types Of Appliances
The product line includes two type of appliances that can handle anywhere from several dozen to several hundred servers pro device. Device througput is estimated at 1 Gbps and 400 Mbps for the smaller one.

Blue Lane is already selling overseas through channel partners, is now shifting to a channel-only model in the US as well.

3 Comments

Comments RSS TrackBack Identifier URI

Leave a comment

You must be logged in to post a comment.