Hi All, you have all seen me whittling on about Application Whitelisting previously and characterisation.
The Australian Government have mandated that all agencies apply application whitelisting to all servers and endpoints. So if you have for example 25,000 servers, consisting of various Microsoft Windows, LInux types and another 25,000 endpoints workstations, laptops, and mobiles - how long would you realistically think or by experience think the project would take? On the basis, there is good IT Operations integration, resources, and Governance following patch management, and ITIL processes.
Your thoughts appreciated
A). Government controlled environment
B). 10,000 End Points mixture of Workstations, Laptops and Android and Mac phones
C) 10,000 Servers - virtual workloads mixture of Microsoft Servers varying types; Linux variations including Red Hat
D). All updates go through a secure proxy for patch management purposes - known authenticated sites.
E). Patch management regime based on critical, high, medium and low impact patches and priority i.e. weaponisation factor.