Security Basics mailing list archives
Re: MS Patches Management software: SUS vs 3rd party
From: Nicholas Diotte <xphox () xphox net>
Date: 28 Oct 2003 14:08:28 -0000
In-Reply-To: <20031027214900.15782.qmail () sf-www3-symnsj securityfocus com> Well I've used HFNetChk pro, and I can say that it was worthless to me. I was using it to patch our WindowsNT servers, and I had nothing but problems. Updates wouldn't schedule, updates woudn't install, updates would just keep detecting they are missing. However I must admin it worked great for my WindowsXP workstation. But for free you can setup an SUS server, which does the same thing, and I've had no problems at all, and just manually patch the NT machines (If new patches come out). The next product I will be testing is IBM Director. That's just my $0.02. --Nick
I'm looking the best solution for one of our customers to deal with the administration and deployment of security patches, if somebody can make a recommendation based on real experience I'll appreciate. Customer server environment: 125 servers: 80% Windows 2000 - 20 % Windows NT 4.0 (They are planning to get rid of NT servers soon) All servers on same physical location. There is no central administration of servers: Server managment provided for different people with different Technical skills. Hard to get control. Few IT resources. By default Windows installations = High risk of security problems. Lack of security policies for server management and security. Very reactive to solve problems. Lack of software or scripts to automatize processes like patches deployment. They already have had serious problems due to virus like welchia and blaster who exploit know security vulnerabilities. Corporate Symantec antivirus used for virus protection, but not installed on all servers, problems with antivirus updates on some servers. It is hard to obtain approval for reboot servers due to mission critical role and business nature (healthcare industry), so minimun downtime is required. What would you use ? MS Sofware Update Services (SUS) which is free or Third party software like Hfnetchk Pro or St Bernard Update expert (http://www.mcpmag.com/Features/print.asp?EditorialsID=354) Waiting for your comments Thanks Andres --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
--------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
Current thread:
- MS Patches Management software: SUS vs 3rd party Andres Martinez (Oct 27)
- Re: MS Patches Management software: SUS vs 3rd party Alvin (Oct 28)
- Re: MS Patches Management software: SUS vs 3rd party Ansgar -59cobalt- Wiechers (Oct 28)
- Re: MS Patches Management software: SUS vs 3rd party Charles Otstot (Oct 28)
- <Possible follow-ups>
- Re: MS Patches Management software: SUS vs 3rd party Nicholas Diotte (Oct 28)