Re: Application whitelisting mandate

Caute_cautim · ‎12-06-2019

Hi All, you have all seen me whittling on about Application Whitelisting previously and characterisation.

The Australian Government have mandated that all agencies apply application whitelisting to all servers and endpoints. So if you have for example 25,000 servers, consisting of various Microsoft Windows, LInux types and another 25,000 endpoints workstations, laptops, and mobiles - how long would you realistically think or by experience think the project would take? On the basis, there is good IT Operations integration, resources, and Governance following patch management, and ITIL processes.

Your thoughts appreciated

Regards

Caute_cautim

Cyberconstlearn · ‎12-06-2019

That’s an impossible question to ask without a knowing very specific things about your environment. For instance do you push said patches to mobile laptops and such over the internet, or just when say vpned? How many of each do you have, servers serving said patches...etc

Caute_cautim · ‎12-06-2019

A). Government controlled environment

B). 10,000 End Points mixture of Workstations, Laptops and Android and Mac phones

C) 10,000 Servers - virtual workloads mixture of Microsoft Servers varying types; Linux variations including Red Hat

D). All updates go through a secure proxy for patch management purposes - known authenticated sites.

E). Patch management regime based on critical, high, medium and low impact patches and priority i.e. weaponisation factor.

Regards

Caute_cautim

Cyberconstlearn · ‎12-07-2019

Well depending on the task force assigned to this, the amount of power they have to make decisions and implement them, with that same type of deal that we recently had to do, we pushed it to be done to around 9-10 months, but it has to be extremely collaborative to get even 97% compatibility. 100% will of course, be impossible.