Home page logo

basics logo Security Basics mailing list archives

Patch management
From: "William Kupersanin" <kuper () glue umd edu>
Date: Thu, 13 Nov 2003 23:19:30 -0500

Howdy list,

I'm looking for people's experiences with various patch/policy management systems. I am looking for a tool to use in a 
heterogeneous environment including various Windows, *nix, & Novell. 

I have seen tools that will maintain an inventory of systems and COTS software on those systems and automatically 
disseminate vulnerability information to the appropriate administrators depending on the vulnerability and what 
OS/software package it affects. 

I have seen tools that will allow one to track, on a vulnerability by vulnerability basis, what hosts have been 
mitigated and which are still vulnerable. 

I have seen tools that will  push patches to the systems (ala SMS, LANDesk, rsync)

I have seen other tools that will check registry keys and configurations throughout the enterprise and report on 
systems' compliance with various benchmarks and policies (Bindview)

It just seems to me that the software pieces required to go to the machines and check for patches, push patches, and 
check configuration settings, should be very similar. I've found a couple of packages that will do 3 out of 4 of these 
tasks. I have not been able to find anything that does it all. 

I'm interested in knowing about others' successes or failures with any packages that can support some or all of these 
goals in a diverse environment. 

Thanks in advance!

The Presidio integrates PGP data encryption and XML Web Services security to
simplify the management and deployment of PGP and reduce overall PGP costs
by up to 80%.
FREE WHITEPAPER & 30 Day Trial -

  By Date           By Thread  

Current thread:
  • Patch management William Kupersanin (Nov 14)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]