About Shavlik  /  Careers  /  Contact  /  News  
Products Solutions Training Support Partners Downloads Federal Blogs Shop

Resources

Already a customer?

Shavlik Optimizer Series

Shavlik NetChk Protect

Shavlik NetChk Protect

Manage Critical IT Operations

Shavlik NetChk Protect simplifies and automates identifying and fixing gaps in ‘must do’ tasks such as patch management, asset management, active protection, and antivirus + antispyware, resulting in an enterprise that is ready to spend less – time, budget, and IT staff – on these critical to perform and manage tasks across physical systems and virtual machines.
  • Overview
  • Features
  • Testimonials
  • Requirements
SC Magazine Best Buy

“Excellent product with a fantastic feature set. This is an excellent product and we grant NetChk Protect our Best Buy of the month.”

Nathan Oullette
Product Reviewer, SC Magazine

VIPRE® Antivirus + Antispyware from Sunbelt Software Wins VB100 Award for Malware Detection on Windows 7 Platform award from Virus Bulletin, the highly-respected independent comparative testing group.


Take a look at our new interactive Patch Management ROI Calculator

Summary

With NetChk Protect 7, the Shavlik Security Suite now provides a comprehensive solution with defense in depth to fend off today’s threats. The Suite helps organizations remain proactive, ensuring systems are fully patched and properly configured, while allowing them to be reactive with an antivirus and active protection solution required for the polymorphic threats organizations are faced with today.

Shavlik NetChk Protect bridges your physical and virtual environments with a single, easy-to-manage console that takes the complexity out of patch management, discovers and catalogs your software, hardware, and virtual assets, and delivers antivirus + antispyware that is fast, light on system resources, and stops today’s malware.

A Closer Look

Agentless and Agent-Based Solution

Shavlik offers the industry’s only solution that blends Agentless and Agent-based operations providing a configurable architecture that meets the needs of diverse enterprise environments. In places where Agents are a necessity, we offer an extremely flexible and powerful Agent and our Agentless implementation provides complete coverage and reduces the management overhead related to deploying agents.

Shavlik- Only Vendor Patching Offline Virtual Machines

Shavlik Technologies has developed a way to patch all virtual machines, even those that are offline. This ensures that offline virtual images can be in a constant state of readiness to be deployed.

IT staff can quickly verify and report that 100% of the organization’s vulnerable machines – physical, virtual, and offline – have received a specific critical patch and are protected.

Simplify Network Security

Shavlik NetChk Protect provides you with an easy-to-implement, easy-to-use, and cost-effective method for improving your security posture. By taking the complexity out of the patch management task, it provides the fastest route to improved security and compliance. It also enables your less technical staff to manage the product.

Find and Fix Gaps in Your Network Security

Shavlik NetChk Protect has a unique architecture that combines agent-based and agentless technology to provide the industry’s most comprehensive discovery capability, allowing customers to confidently answer the question “How secure am I?” The flexibility provided by this hybrid approach enables you to address every machine in your enterprise -- from stationary machines to frequently disconnected devices to machines located in the DMZ to machines in locations with bandwidth constraints.

And Shavlik NetChk Protect doesn’t just detect gaps, it fixes them too. The program can be configured to immediately deploy all missing patches to machines immediately after a scan is performed. This one-step update process enables you to specify exactly when and how the patches will be deployed.

Any Patch, Anywhere Technology

Shavlik NetChk Protect scans Microsoft-based and third party programs running on the machines in your network. It assesses the current patch status of those machines and enables you to deploy any missing patches. In addition, Shavlik NetChk Protect also provides a custom patch editor that enables you to create and maintain custom patches on your machines. This enables you to patch virtually any Windows program on your network.

Product Features

Shavlik NetChk Protect contains a large number of product features. In addition to reviewing the following list, you can also see several of the product features in action by viewing the product tutorials available by clicking here.

    NetChk Protect 7 Home Page
  • Ease of Use: Go from download to scanning in 30 minutes or less, leveraging Shavlik’s easy to use, industry-standard user interface. Offers a robust user experience, all from a single console.
  • Multi-Tasking GUI: In NetChk Protect 7, you can launch a scan and continue to work within the console – whether that involves launching additional scans, downloading patches, reviewing prior scan results, or initiating deployments, all at the same time.
    • VB100 - Virus - Dec 2009
  • Antivirus + Antispyware: NetChk Protect 7 includes a feature complete antivirus + antispyware engine. This next generation antimalware engine performs standard antivirus functions, including signature- and heuristic-based threat detection and remediation, behavioral analysis, and whitelisting.
  • Active Protection with On-access File Scanning: Active Protection is an integrated component of the Antivirus + Antispyware engine. It provides real-time file scanning functions for each file as they are being accessed. This includes on-access scanning for all threats – including spyware, adware, malware, and viruses.
  • Asset Management - Discover and Track: Shavlik’s asset management gives you a dynamic, up-to-date method to track your software, hardware and virtual assets.  You will discover physical and virtual machines you didn’t know you had and uncover software applications you didn’t know were installed. By eliminating these blind spots, you can quickly close the gaps in your security and policy compliance. The virtual machine asset information consolidates information about resources assigned to virtual machines as well as the operating system and applications installed. This puts all the relevant information at your finger tips enabling IT to make decisions with confidence and accuracy.
  • Scheduled Data File Downloads: NetChk Protect 7 can be configured to automatically check for new patch and/or antivirus/spyware signatures on a recurring basis. The scheduled check and download function can occur hourly at intervals ranging from 1 to 24 hours – even when the NetChk console is closed.
  • Automated Synchronization of Distribution Servers: With NetChk Protect 7, you can define the interval when you’d like to sync your distribution servers with the NetChk console or choose to manually sync your distribution servers. Specify that Shavlik Engines and Definitions be synchronized or Patches (or both). Distribution Server synchronization is linked to Scheduled Data File Downloads where you define the interval as every X hours, ranging from 1 to 24 hours. No more manual synchronization steps are needed.
  • Support for Offline Virtual Images: Shavlik NetChk Protect enables you to scan and patch offline virtual images. Offline virtual images are those that aren’t powered on when a patch scan is performed. These virtual images may be powered on for only a few hours or days a month and then powered off until they are needed again the next month. It’s important to ensure that these systems are patched so that when they are brought online they don’t place your network at risk.

    Shavlik NetChk Protect makes it easy to scan and patch these offline virtual images. You simply reference the offline image or folder of images in a machine group and perform a scan like usual. You can also scan desktops and servers for the presence of virtual images that you may not even know about. Once the virtual images are identified, Shavlik NetChk Protect will perform a full patch assessment of each image and display the scan results alongside the results for running systems.

    Patching offline virtual images is similarly simple. You simply highlight the images and patches you’d like to install and then select Deploy from the Shavlik NetChk Protect menu. The patches will be copied to the offline images and will be installed the moment that the virtual image is started (or according to its scheduled deployment time).
  • Flexible & Robust Scanning Options: Shavlik NetChk Protect provides a number of ways to perform a scan. The home page provides simple one-click methods for beginning a scan. Or, you can begin scans from within a machine group or with a favorite group. Scans can also be performed by domain, organizational unit, machine name, IP address or IP range.

    NetChk Protect allows you to schedule when a patch will be executed on each remote system. The deployment can be set for a specific date/time, immediately, at next reboot, or they can be copied to the machine but not installed. Reboots can occur immediately after the installation of patches, scheduled at the next occurrence of a specific time, or a specific date/time.
  • Precise Reboot Options: NetChk Protect provides pinpoint control over when systems are rebooted- during planned downtime. This is a critical difference, particularly on servers.  Shavlik enables administrators to specify detailed, granular reboot instructions that allow for system restarting during scheduled windows. Remediation and reboots can be scheduled separately.
  • Automated Patch Deployment: By enabling the Auto Deploy option, you can automatically enforce patch policies by correcting any discrepancies found on the scanned machines. Any missing patches are automatically deployed immediately after the scan.
  • Support for Custom Patches: The program provides the ability to patch virtually any Windows application on your network, including custom applications and legacy applications. You can also scan for and deploy private patches from Microsoft Corporation. All of this is managed with the implementation of the Custom Patch File Editor. The editor’s wizard-like interface expertly guides you through the process of creating your own custom patch XML files. The program combines your custom XML files with the primary XML patch data file and uses that modified file when performing scans and deployments.
  • Comprehensive Reporting: More than 20 built-in reports ranging from Executive Dashboard to Patch Status Detail. Reports detail everything from Seat License Count to Patch Status to Threat summary and detail information. Advanced filtering allows you to obtain a very granular view all the way down to specific machines or specific patches. Reports can be exported in 9 different formats. Automatically email reports or notifications by defining the email recipients in scan template, deployment template, or machine group.
  • Automated E-Mailer: Shavlik NetChk Protect provides the ability to automatically e-mail scan results and reports to machine owners, network administrators, or executives.
  • Support for Multiple Console Configurations: For large organizations there are many advantages to maintaining multiple consoles:
    • The consoles can reside at physically distinct locations and be close to the machines they are managing
    • You can distribute the workload across multiple consoles
    • The scans, deployments, and remediations are performed much quicker
    • You won't tie up your network trying to scan hundreds of geographically distinct machines from one location
    • It cuts down on a lot of network traffic, especially over WANs
    • The results from each console can be rolled up to and viewed from one central location
    NetChk Protect 7 Home Page
  • Shavlik NetChk Agent: Shavlik NetChk Agent is an agent service. The agents configured by Shavlik NetChk Agent are distributed agents, meaning they are installed on physically distinct machines and have the ability to independently initiate specific actions. They are configured via the Shavlik NetChk Protect interface and then installed on the desired machines either by executing a menu command from the Shavlik NetChk Protect console or by manually installing them off a CD or flash drive. With Shavlik NetChk Agent you can create as many different agent policies as necessary to manage your network. This provides a great deal of flexibility, enabling you to assign different agent configurations to different machines in your organization.

    Depending on how they are configured, when installed on a machine a Shavlik agent can:
    • Scan for and deploy missing patches
    • Scan for and remediate viruses, worms, Trojans and rootkits
    • Report the results to the local console
  • Machine Groups: Shavlik NetChk Protect uses machine groups to keep track of the machines that are included in a particular scan. The machine groups within Shavlik's product are flexible enough to allow you to organize and group machines based on OU, Domain or IP Ranges which will automatically identify new machines that are added to the network.
  • Machine View: This extremely powerful and flexible tool enables you to display current information about every machine in your network that has been previously scanned and whose information resides in the database. It enables you to align management of your security posture with how you manage your network assets. The advantages of the Machine View include:
    • You are not restricted to viewing just those machines involved in a particular scan. You can view all the machines that have ever been scanned.
    • You can quickly assess the status of all machines in your organization.
    • You can filter the information and drill down into the table for a more detailed analysis.
    • You can view both patch and threat information at the same time. With the Scan view you can only view one or the other.
  • Role-based Administration: You can assign different roles to different users of Shavlik NetChk Protect. This enables you to make the program available to a wide variety of people within your organization while maintaining control over its use. The role assigned to a user determines what that particular user can do.

Shavlik Forum User

Shavlik NetChk Protect 7.2 is a terrific improvement. Great layout of the interface, menu selections, and the help. The speed of scanning and deployment is about 100 times faster than with the previous version. NetChk Protect version 7.2 is really lightening fast doing scans and reporting results.

— Shavlik Forum User

O.C. McDonald Co., Inc.

Kudos to the Shavlik team for their product. We had a security audit done after more than a year without having one since our company changed hands and we had to locate a new auditing company. Although we still had missing patches, we had reduced the amount missing by a wide margin using Shavlik NetChk Protect and had our best audit yet!

I am LOVING this version Shavlik NetChk Protect 7.2!! I know NetChk Protect has had the capabilities to manage 3rd party patches for awhile but this new interface just makes it so much easier!! I'm going to be able to do a much better job in my environment since the version upgrade. It is nice to have the time to learn, experiment, and gain confidence in the deployments.

— Melissa Allison, Network Administrator, O.C. McDonald Co., Inc.

Alliant Energy

"Thanks to NetChk Protect, we were able to achieve a 95% patch compliancy within a week of MS08-067 release. As of today, we have 1 server out of 444 that is missing the security patch (99.8 % patched!!!)"

Before NetChk Protect:
"We didn’t have any way to easily track deployments. We used Windows Update on individual servers. The manual deployment of something like this to 400+ servers would’ve been a huge undertaking. Talk about a waste of man hours!! To be able to deploy (at any time our customers wanted) and audit progression, it easily saved thousands of dollars in wasted productivity."

— Chris Sweeney, Lead Server Administration Analyst, Alliant Energy

Access Group, Inc.

"We have approximately 250 servers and 365 workstations. We purchased NetChk Protect with the intention of patching our servers first and then moving towards also patching our workstations early next year. Before using NetChk Protect we used both SMS and WSUS for patching and both programs were difficult to use and still left many processes that needed to be done manually."

"We have just completed our first patch cycle using the NetChk Protect application and all I can say is we love this product. What took us approximately 48-52 man hours before in testing and implementation took just over 16 using NetChk Protect. With some more tuning and altering of our processes we hope to reduce that by another 6-8 hours. NetChk Protect is fast, efficient, and simple to use; this is critical to our environment as we have multiple IT staff members with varying levels of experience, all of whom support the patching process. I was able to train the other members of the team, on how to use the application in an easy 30 minute demonstration and the next weekend we were all patching production servers."

"With not having to install new agents on our systems in order to patch them we were able to get the product installed quickly and start using the application right away. Thank you for making such a great product!"

— Brian P. Frank, Senior IT Systems Administrator for Access Group, Inc.

Testimonial from Redmond Magazine

"We have about 900 servers in our organization plus about 250 workstations. Starting early last year, we have been using Shavlik NetChk software for patching all our environments, and are very satisfied with it. The program allows you to deploy, schedule and install patches at certain times with different reboot options. There is also a nice feature to create custom deployments. We have our own proprietary applications, and Shavlik lets me roll out new versions of those as they are released. Shavlik made our lives easier. I recommend it!"

— Edgar, Redmond Magazine Reader

View the entire article

University of York

"We have multiple departments at University of York, many of which run their own IT systems, and these departments were in need of a robust patching solution for both managed and unmanaged machines. Microsoft’s WSUS comes as part of our University Select Agreement, but WSUS is limited and does not provide the application coverage we need. Different software tools are used by different departments to resolve and manage the patching process, such as custom-built scripts, in order to handle applications not supported by WSUS - which add to IT cost and resources."

"I had experience with UpdateEXPERT at my previous employer, but after learning UE was now owned by Shavlik we investigated Shavlik NetChk Protect. We found that Shavlik NetChk Protect is fast, efficient, and simple to use – which is critical to our environment as we have multiple IT staff members with varying levels of experience, all of whom support the patching process. And the fact that we didn’t have to install new agents on our systems in order to patch them was an added bonus."

"We also discovered that our VMware solution also contains the Shavlik security engine inside, so we are pleased that the same technology driving security for our physical machines, is also driving our virtual security patching."

"We were also invited to participate in the beta program for the latest release, Shavlik NetChk Protect 6.0, and were pleased to see immediate results from our feedback on new features. The most important new feature of Protect 6.0 is Custom Patch – this capability is critical for York University as we must support multiple applications, many of which may not be supported by Shavlik NetChk out-of-the-box. The Custom Patch feature allows us to easily create a patch and then deploy it using the standard NetChk Protect remediation process. In addition to patches, we can also deploy non-standard applications using NetChk Protect – many departments have in-house applications for teaching, research, or other that must be deployed and supported, and Shavlik NetChk Protect will deploy and patch these applications as well."

— Pritpal S. Rehal, Senior IT Systems Administrator for University of York

Global Business Solutions Firm

"We have 350 servers in our organization and have been using Shavlik NetChk Protect for patching our environment for a little over two years. Prior to Shavlik we were deploying patches manually. Shavlik NetChk Protect goes far beyond Microsoft WSUS by patching non-Microsoft products such as VMware Server, Sun JAVA, and Firefox, along with many other third party products we use."

"The solution is quick and easy to use for deploying patches in a rollout scenario to Development, QA and Production. Deployments are fast, simple and accurate."

— IT Specialist, Global Business Solutions Firm

Herrington & Carmichael

"Now that we have implemented Shavlik NetChk® Protect, I can go to Herrington & Carmichael management and state with a high degree of confidence that our computers are patched and protected. This was something I did not feel comfortable doing before we implemented Shavlik NetChk Protect."

— Jason Quilliam, IT Manager for Herrington & Carmichael

View the Herrington & Carmichael Case Study

CDW

"On a day to day basis, Shavlik NetChk Protect is also simple to manage. It doesn't require a lot of babysitting. It also provides lots of options for how patches should be deployed, including hidden deployments, automated or scheduled reboots, and offering end users a snooze button. It's obvious Shavlik developers have used this product and taken feedback from people who have used it. Additionally, the product's integration with Active Directory makes it an easy choice for a Windows-centric environment like CDW's."

"In addition, the advanced reporting capabilities provided by Shavlik NetChk Protect provide CDW with a more accurate view of their overall security posture, allowing the CDW security team to more easily mandate and enforce stricter compliance to security policy across the enterprise."

— Min Ju, Manager of Information Security, CDW

View the CDW Case Study

Chiron

"When we went in search of a patch management solution, speed was of the essence. We needed to find a viable patch management solution quickly. As we performed our review of existing patch management solutions, it immediately became clear that Shavlik NetChk Protect was head and shoulders above other solutions in the market. In a short trial period, Shavlik NetChk Protect proved itself right away. It just worked."

— Steve Shuttleworth, Head of IT Services, Chiron (now a part of Novartis Pharmaceuticals)

View the Chiron Case Study

Intervoice, Inc.

"We are a former UE customer and have just migrated to Shavlik NetChk. Our experience with NetChk for patch management has been a very positive one for the simple reason that the Shavlik product just works. I no longer feel the need to baby-sit patch deployments. If a critical patch needs to be deployed during the middle of the night, I can be confident that it will be successful. And when there is a need to micro-manage a job, I especially like NetChk's "In Process" reporting that provides up-to-the-minute deployment status throughout the cycle."

— Mike Edmondson, Senior Systems Engineer, IT Operations, Intervoice, Inc.

PMC Sierra

"We were very impressed with the enterprise capabilities of Shavlik NetChk Protect. Out of ten competing products, Shavlik's was the only solution that could deliver the capabilities we required for our highly distributed environment, 40% of which represent laptop users spread across the globe."

— Adrian Phillips, Leader of Microsoft Services, PMC-Sierra

Western US Bank

"We are a former UE customer and just migrated to NetChk Protect. The Shavlik support team is friendly, professional, and knowledgeable, and we experienced minimal hold times - which was critical to us as we just migrated to new software and were faced with pushing out the DST patch to almost 700 users - the product is extremely easy to use and everything went very smoothly."

Yule Catto & Company

"Patch management is even more important now than when we first rolled out Shavlik NetChk Protect into our organization. Five years ago, we did not view patch management as a necessity. However, over time we have seen the risk unpatched computers present to our network security and availability. We clearly recognize the benefits that Shavlik NetChk Protect provides in our environment. After we introduced Shavlik NetChk Protect, we were able to better protect the security and availability of the Yule Catto network without increasing our IT staff levels. We could not have done this without the Shavlik NetChk Protect solution."

— Richard Ling, Division IT Manager, Yule Catto & Company

View the Yule Catto Case Study

Manitowoc Company, Inc.

"Our team manages numerous desktop applications, such as Adobe, Java, and QuickTime, which have required us to devote the equivalent of two full time employees, continually applying patches to these applications manually. We chose the Shavlik solution because, out-of-the-box, it provides us with the support we need to auto-deploy patches to these applications, and we expect that, once fully deployed, NetChk Protect will allow us to reduce this resource allocation by almost 90% and significantly shorten our window of risk. Additional savings are being recognized due to Shavlik NetChk's ease of use - we can now assign our entry level system administrators to manage the patch process and focus our senior engineers on projects that drive our business."

— Hal Armstrong, IS Technology Manager, Manitowoc Company, Inc.

Guardian Telecom Inc.

"Thanks for making a no brainer product. You guys let me go home at night during patch week."

— Mark T. Iwankow B.Sc. MCSE CCNP, Senior Information Technology Specialist, Guardian Telecom Inc.

Citizens Bank

"We chose Shavlik after doing significant research on available and effective automated patch management solutions in the market, and without question, it's the best software application we've ever purchased for the bank. Upgrades are smooth, tech support is a level above superior and we can easily push out or pull back patches. After having spent the time and money to manually patch 300 machines in 2003 to protect us against the Blaster worm, we can easily prove the ROI on having an automated patch management solution.

Now that we've upgraded Shavlik NetChk Protect, we're looking to Shavlik for more than patch management - we're replacing our existing spyware product with the spyware capabilities that are integrated into NetChk Protect"

— Scott Lewis, Information Systems Analyst, The Citizens Bank.

Protect 7

Console

Processor:

  • Minimum: 500 MHz CPU
  • Recommended: 2.0 GHz CPU (multi-processor machine if more than 1000 seat license)

Memory:

  • Minimum: 256 MB of RAM
  • Recommended: 2 GB of RAM (4 GB if more than 1000 seat license)

Video:

  • 1024 x 768 screen resolution or higher (1280 x 1024 recommended)

Disk Space:

  • 60 MB for application
  • 2 GB or more for patch repository

Operating System (one of the following):

Note: NetChk Protect supports 32- and 64-bit versions of the listed operating systems for both console and target systems. Also note that a domain controller cannot be used as a console.

Minimum:

  • Windows XP Professional, SP3 or later (SP2 or later if using 64-bit version)
  • Windows Vista, SP1 or later, Business, Enterprise, or Ultimate Edition
  • Windows 7, Professional, Enterprise, or Ultimate Edition

Recommended:

  • Windows Server 2003 Family, SP2 or later
  • Windows Server 2008 Family, excluding Server Core
  • Windows Server 2008 Family R2, excluding Server Core

Database:

  • Use of a SQL Server database (SQL Server 2005, SQL Server 2005 Express Edition, SQL Server 2008, or SQL Server 2008 Express Edition) is required. If you do not have a SQL Server database, the option to install SQL Server 2008 Express Edition will be provided during the prerequisite software installation process.
  • Note: SQL Server 2000 is supported in 7.0 but is not supported as a back-end database in 7.1 or later
  • Size: 1.5 GB

Prerequisite Software:

  • MSXML 6.0 SP2 Hotfix (for 7.1 or later)
  • Internet Explorer 6.0 or later
  • Windows Installer 4.5 or later (only required if installing SQL Express 2008 during NetChk Protect installation)
  • Use of Microsoft SQL Server 2000 Service Pack 4 (or later), SQL Server 2005, SQL Server 2005 Express Edition, SQL Server 2008, or SQL Server 2008 Express Edition
  • SQL Native Client or SQL 2008 Native Client (if using SQL Server 2008)
  • Microsoft .NET Framework 3.5, SP1 or later
  • Visual C++ 2008 SP1 Redistributable Package (provided in 7.1 or later)
  • VMware® Virtual Disk Development Kit 1.0.1

Configuration Requirements (7.1 or later):

  • When performing an asset scan of the console machine, Windows Management Instrumentation (WMI) service must be enabled and the protocol allowed to the machine. In Windows Firewall, on Windows XP/Windows 2003 machines the service is called Remote Administration, and on Windows Vista/Windows Server 2008 machines the service is called Windows Management Instrumentation (WMI)/Remote Administration.

Clients (agentless)

Browser:

  • Internet Explorer 4.0 or later required to receive patch deployments

Operating Systems (any of the following):

  • Windows NT Workstation 4.0 SP6a or later*
  • Windows NT Server 4.0 SP6a or later*
  • Windows NT Server 4.0, Enterprise Edition SP6a or later*
  • Windows NT Server 4.0, Terminal Server Edition SP6a or later*

    *Note:     If you intend to use the Microsoft scheduler, the Schedule service must be running on your Windows NT client machines.
  • Windows 2000 Professional
  • Windows 2000 Server
  • Windows 2000 Advanced Server
  • Windows 2000 Datacenter Server
  • Windows 2000 Small Business Server
  • Windows XP Professional
  • Windows XP Tablet PC Edition
  • Windows XP Embedded
  • Windows Server 2003, Enterprise Edition
  • Windows Server 2003, Standard Edition
  • Windows Server 2003, Web Edition
  • Windows Server 2003 for Small Business Server
  • Windows Server 2003, Datacenter Edition
  • Windows Vista, Home Basic Edition
  • Windows Vista, Home Premium Edition
  • Windows Vista, Business Edition
  • Windows Vista, Enterprise Edition
  • Windows Vista, Ultimate Edition
  • Windows 7, Home Premium Edition
  • Windows 7, Professional Edition
  • Windows 7, Enterprise Edition
  • Windows 7, Ultimate Edition
  • Windows Server 2008, Standard
  • Windows Server 2008, Enterprise
  • Windows Server 2008, Datacenter
  • Windows Server 2008, Standard - Core
  • Windows Server 2008, Enterprise - Core
  • Windows Server 2008, Datacenter - Core
  • Windows Server 2008 R2, Standard
  • Windows Server 2008 R2, Enterprise
  • Windows Server 2008 R2, Datacenter
  • Windows Server 2008 R2, Standard - Core
  • Windows Server 2008 R2, Enterprise - Core
  • Windows Server 2008 R2, Datacenter - Core

Virtual Machines (offline images created by any of the following):

  • VMware ESX Server 3.0 or later
  • VMware VirtualCenter 2.0 or later
  • VMware Server
  • VMware Workstation 4.0 or later
  • VMware Player

Configuration Requirements:

  • Remote Registry service must be running
  • On Windows XP machines, Simple File Sharing must be turned off
  • Server service must be running
  • NetBIOS (tcp139) or Direct Host (tcp445) ports must be accessible
  • When performing an asset scan, Windows Management Instrumentation (WMI) service must be enabled and the protocol allowed to the machine (TCP port 135). In Windows Firewall, on Windows XP/Windows 2003 machines the service is called Remote Administration, and on Windows Vista/Windows Server 2008 machines the service is called Windows Management Instrumentation (WMI)/Remote Administration.

Disk Space (for patch program):

  • Free space equal to five times the size of the patches being deployed

Supported Languages (for patch program):

  • Arabic, Chinese (Simplified), Chinese (Traditional), Czech, Danish, Dutch, English, Finnish, French, German, Greek, Hebrew, Hungarian, Italian, Japanese, Korean, Norwegian, Polish, Portuguese (Brazil), Portuguese (Portugal), Russian, Spanish, Swedish, Thai, Turkish

Clients Running NetChk Agent

Processor:

  • 500 MHz or faster CPU

Memory:

  • Minimum: 256 MB RAM
  • Recommended: 512 MB RAM or higher

Disk Space:

  • 30 MB for NetChk Agent client
  • 500 MB or more for patch repository

Operating Systems (any of the following):

  • Windows 2000 SP4 or later
  • Windows XP SP2 or later
  • Windows Vista Family
  • Windows 7 Family
  • Windows Server 2003 Family
  • Windows Server 2008 Family
  • Windows Server 2008 Family R2

Prerequisite Software:

  • MSXML 3.0 or later

Port Requirements

These are the default port requirements. The port numbers are configurable.

  Inbound Ports (Basic NAT Firewall)
  TCP 80 TCP 135 TCP 139 OR TCP 445 TCP 3121 TCP 4155 TCP 5120 TCP 443
Client System   X (For Asset Scans) X   X (For listening agents) X  
Console System       X      
Distribution Server X   X       X

  Outbound Ports (Highly Restricted Network Environment)
  TCP 80 TCP 139 OR TCP 445 TCP 3121 TCP 5120
Client System X (For Agents) X X (For Agents)  
Console System X X   X
Distribution Server