ZENworks 2020 was released by Micro Focus in late 2019 and customers are upgrading in increasing numbers. The release plays well into the three core competencies of ZENworks:
- Managing the lifecycle of all endpoints
- Securing endpoint devices against common vulnerabilities
- Protecting company data that lives on endpoint devices
All of this runs on an increasingly powerful and well-organized single-pane-of-glass console.
Security is an emphasis on the ZENworks 2020 release, starting with the consolidation of various security-oriented features onto a single landing page in the ZENworks Control Center web interface. All patching and full disk encryption features are brought together with a variety of dashboards in one place for quick access. Introducing everything security is a new Getting Started page that includes links to every security feature included in ZENworks, backup up with video guides to jump-start new users.
Easily the most important new feature in ZENworks 2020 is a vulnerability-based view and approach to security remediation. Until now, ZENworks Patch Management has relied on a third-party patch content repository to apply not only security patches but feature updates as well. ZENworks 2020 adds the ability to subscribe to the US National Vulnerabilities Database (NVD) and to approach security patching at the individual Common Vulnerabilities and Exposures (CVE) level.
CVEs have been listed as parts of manufacturer patches for a while, but savvy users may become aware of a security issue through a CVE posting first before hearing about a manufacturer patch. The ZENworks subscription to the NVD pulls in CVE data and maps CVEs to patches from the patch content repository. This information is then presented in such a way that a specific CVE can be attacked by applying patches to address that vulnerability.
The volume of data presented by the NVD necessitates additional infrastructure. For this, the ZENworks team is leveraging a Vertica database, technology added to the Micro Focus portfolio by the merger with HPE in 2017. Apache Kafka services are used to manage the flow of CVE data from the NVD to Vertica, with these added services running on a specially configured primary server or, in the case of particularly large implementations, multiple Vertica/Kafka servers.
All this data is made easily accessible through a set of “dashlets” shipped with the release, plus the ability to create custom dashlets as necessary. Dashlets are fully actionable, allowing users to drill down to various management features with a couple of clicks. Information about the assignment, penetration, and trends of CVE and patch deployments has been enhanced everywhere it’s relevant and is accessible through updated domains in ZENworks Reporting Server as well.
Two additional areas upgraded in the security realm are personal favorites:
- Enhancements to the individual device and patch information pages streamline the process of determining when and where patches have been deployed
- The ability to patch devices on shutdown has been added, making it easier than ever to keep devices safely patched without interrupting end-users.
Not to be left behind the new security features, ZENworks 2020 includes a wealth of enhancements to the core configuration management tools. Power users who have used ZENworks for a while and have made suggestions should be gratified by the number of new features and enhancements added that grew directly out of the user-driven ZENworks Ideas portal.
Of note is the amount of work that has gone into improvements with bundle management. Improvements here include:
- Better telemetry under-the-hood to track the progress of bundles, including providing data on individual actions within bundles and bundle groups, allowing developers and administrators to know exactly where the execution of a bundle is at any time
- Dashlets – built-in or user-created – to report back on the new data in both graphical and tabular formats, with fully actionable information where appropriate. All the new bundle data is also fully available in ZENworks Reporting Server.
- A new Install Executable action that streamlines the steps necessary to install software from an executable installer
- New settings to manage the number of old bundle (and policy) versions that are retained in the database
One final improvement comes in the data protection area. ZENworks has featured strong full disk encryption and the ability to encrypt removable drives utilizing a Microsoft Data Encryption policy. The latter feature has now been enhanced to allow for folder-level encryption on fixed disks.
Concensus offers a full line of support offerings for Micro Focus ZENworks. These include:
- Management of your ZENworks implementation as a service – never worry about an upgrade or a patch again: we’ll manage them for you! Your environment, your schedule, our resource.
- Onsite engagements for installations, upgrades, training or best practices evaluation.
- Remote, pay-as-you-go support, including assistance with application packaging, patch management or anything else in the ZENworks feature portfolio.
Concensus also offers sales and support for two add-ons for your ZENworks environment:
- ENGL Imaging toolkit – fast, easy implementation of device-independent imaging, driver management, and imaging with either ZENworks or WinPE engines
- Liquit Setup Commander – easy creation of application bundles for many major software manufacturers with direct integration into ZENworks.
View a recording of this webinar
Fill out the form below to learn how Concensus Technologies can give you the flexibility to do more with the resources you have today.