BIGFIX, INC. - SECURITY CONFIGURATION MANAGEMENT - VULNERABILITY MANAGEMENT - ENDPOINT SECURITY

Company

Products

News & Events

Industries
»Financial
»Insurance
»Healthcare
»Education
»Manufacturing
»Technology
»Government
»Energy

Case Studies
»Pitney Bowes
»TRW Automotive
»Darden Restaurants
»Duke UniversityMedical Center
»Stanford University
»CenterBeam
»Financial Services

Organization

Duke's Department of Medicine IT organization supports and maintains servers and desktops used for a variety of critical functions at the Medical Center, including world-class research labs with computers running hundreds of thousands of dollars of equipment churning tens of thousands of data elements per second.

Researchers, clinicians, students and other hospital staff at Duke rely on these systems, and depend on the IT departmental staff to keep them constantly running and available.

Situation

When the double whammy of the MSBlaster worm and SoBig virus hit in August 2003, giant organizations like CSX, Lockheed Martin, and the US Postal Service were severely disrupted by the attacks.

But for Duke University Medical Center's IT staff, which is charged with maintaining hundreds of Windows-based desktops and servers at the medical center, it was just another day at the office, as the department's computers were well protected.

Solution

Network System Analyst Tim Rice turned to BigFix in early 2003 to help automate the complicated patch management process at Duke University Medical Center, and effectively protect the department's systems from vulnerabilities.

"Applying patches by hand is not prudent from either a fiscal or security standpoint," comments Rice. "It takes too long and costs too much to do. When we started testing BigFix, it reported over 10,000 patch instances across some 550 machines."

Result

Using BigFix, the IT departmental staff was able to quickly evaluate the state of each of his desktops and servers and remediate problems and apply patches as needed.

When Blaster hit, the IT departmental staff had already patched the majority of his computers to protect against the exploit.

And when Blaster started to spread, the IT departmental staff was able to push the patch out and force reboot any remaining computers - all in about a 10-minute window.

It is not surprising then, that when the SoBig virus hit a week later, BigFix also helped the IT departmental staff locate and fix affected systems easily, quickly and efficiently.

Thanks to BigFix, the IT departmental staff can proactively and automatically solve problems before they occur, saving time and resources - and a lot of anxiety - in the process.

"After watching the rest of the university fight with Blaster and SoBig - while we spent our free time helping other departments at the university - I'll sing the praises of BigFix all day. I had been pushing the MS03-026 patch for several weeks when no one was logged in, and on Monday when it all hit the fan, I was able to force the patch to the remainder and reboot their machines. All in about 10 minutes."

"Out of my machines, only 15 or so got infected because I wasn't quite fast enough, and BigFix even told me who they were when I created a defined property (same with SOBIG)."

Tim Rice
Network Systems Analyst
Department of Medicine
Duke University Medical Center