Secure your end-of-life servers with virtual patching

United Kingdom, Jun 15, 2023

Unfortunately, the longer you work in cybersecurity, the more often you come across legacy operating systems and applications. These types of technologies can be a nightmare to manage and represent a huge security gap for your organisation. On 10th October 2023, Microsoft will end support for Windows Server 2012 and 2012 R2, meaning no more security updates will be available, just like SQL Server 2012.

Why is patching important?

A recent report from Edgescan [1] states that in a standard organisation, the Mean Time to Remediate (MTTR) a Critical Severity vulnerability is 65.9 days. Industry reports estimate that adversaries are now able to exploit a vulnerability within just 15 days (on average) of discovery [2]. End of Support (EOS) systems are a quick and easy win for malicious actors, who know exactly which systems go EOS and when. In reality, these systems can go months or even years without a patch being applied. Legacy Operating Systems are sometimes forgotten about and left running until an audit flags them or, worse, a breach occurs.

What are customer challenges and options?

So, what can security teams do? Below are four main options organisations may consider before October 10th:

  1. The ‘ostrich approach’ - bury your head in the sand and pretend like nothing is happening! Not recommended, but it happens all too often.
  2. Upgrading & Migrating - start by upgrading your legacy applications so that they are modernised and running up-to-date code. Then focus on upgrading that EOS Operating System or migrating it to the cloud.
  3. ESUs - pay for the Microsoft Extended Security Updates (ESUs). Most companies dislike this option as it is the most expensive. In addition, Microsoft may not cover all disclosed vulnerabilities, only the ones Microsoft deems Critical or Important [3]. Therefore, this should not be considered a ‘silver bullet’ solution, and Microsoft itself suggests it only as a last resort.
  4. Virtual Patching - use the virtual patching capabilities in Trend Micro Cloud One Workload Security to protect both Cloud and On-Premise infrastructure. It is fast and easy to deploy, automated and cost-effective (typically 40% savings vs ESUs). Furthermore, you could also utilise technologies such as Trend Micro’s TippingPoint & TXOne portfolio to perform Network virtual patching without the need for Endpoint agents.

Virtual patching is a security technique that involves applying a temporary fix to a system vulnerability without modifying the actual code of the affected software. This temporary fix is implemented through a security policy or rule that blocks malicious traffic or behaviour associated with the vulnerability. Virtual patching can provide immediate protection against attacks targeting a specific vulnerability, while organisations work on a permanent patch or software update.

Why Virtual Patching

Trend Micro's virtual patching technology is designed to protect against known and unknown vulnerabilities. It uses intrusion prevention system (IPS) rules to block malicious traffic and behaviour associated with vulnerabilities in real time. These IPS rules are developed and maintained by Trend Micro's global security experts, who continuously monitor for new vulnerabilities and create appropriate rules as needed. This allows organisations to be protected against vulnerabilities even before a patch or software update is released.

Virtual patching provides several benefits to organisations, including:

  • No downtime: Virtual patching does not require downtime, which means critical systems can remain online and accessible to users.
  • Immediate protection: Virtual patching provides immediate protection against known and unknown vulnerabilities, reducing the risk of attacks while waiting for a permanent patch or software update.
  • Cost-effective: Average savings of 40%+ vs Microsoft ESU costs.
  • Customisable: Virtual patching rules can be customised to meet specific organisational needs, allowing for a more targeted and effective approach to vulnerability management.

See how much you could save with Trend Micro’s cost savings calculator.

Logicalis and Trend Micro: working in partnership

Trend Micro is a global leader in cloud security, XDR, and cybersecurity platform solutions. As a certified Trend Micro Gold Partner, Logicalis is fully engaged across Trend’s industry-leading product portfolio, providing security solutions from the datacentre to endpoints and beyond.

Our team of dedicated security specialists provide the resources, technical knowledge, and service offerings from advisory all the way through to implementation and managed services.

Contact us today to explore our full range of expert service offerings and resources or visit our Trend Micro Partner page.
