Re: Patch testing

From: Todd Schubert (todd_at_toddschubert.com)
Date: 08/20/03

  • Next message: Rod Trent: "RE: Patch testing" 
    Date: Wed, 20 Aug 2003 16:08:52 -0500
To: focus-ms@securityfocus.com

    Along the same lines...if you do have the resources to deploy some test
    servers but not to recreate every type of server in the enterprise (dc,
    web, exchange, certificate authority, db...) how should you go about
    setting up the test servers? Is there a specific area that should be
    focused on? Also how important is it to have the test servers running
    the same types of hardware as the production environment?

    Brei, Matt wrote:

    >Greetings,
    >
    >I would like to get some industry wide standards or common practice for
    >testing MS patches in the local environment. I am looking into
    >deploying SUS or SMS but also need to set a policy for testing before
    >network wide deployment. Seeing as we only have production servers and
    >don't have cloned "test" server, how can a patch be tested in that local
    >environment without risk of damage or loss of data? Any information
    >that can be provided would be very helpful.
    >
    >TIA,
    >Matt Brei
    >Network Administrator
    >
    >
    >
    >---------------------------------------------------------------------------
    >KaVaDo provides the first and only integrated Web application scanner and
    >firewall security suite that prevent Web applications attacks, the most
    >common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
    >http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
    >---------------------------------------------------------------------------
    >
    >

    ---------------------------------------------------------------------------
    KaVaDo provides the first and only integrated Web application scanner and
    firewall security suite that prevent Web applications attacks, the most
    common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
    http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
    ---------------------------------------------------------------------------

  • Next message: Rod Trent: "RE: Patch testing"

    Relevant Pages

    • Re: Patch testing
      ... In my SMB arena we post into community newsgroups and ask others what their results have been and get a "community" ... > servers but not to recreate every type of server in the enterprise (dc, ... Download a FREE whitepaper on Security Policy Automation for Web Applications. ...
      (Focus-Microsoft)
    • Normal setup for Web page, web service, firewall secured database?
      ... I think this is a fairly normal situation; outside the firewall are ... two servers, one containing the various web applications that in this ... aspnetdb userid along with the request to the webservice and use the ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Form Authentication Across Web Servers
      ... I have a two ASP.NET2.0 Web applications which are published/deployed ... on two different servers. ... Users of these website can switch between these website as per ... Form authentication is being used to authorize user. ...
      (microsoft.public.dotnet.framework.aspnet)
    • Re: Patch testing
      ... > servers but not to recreate every type of server in the enterprise (dc, ... get good backup software that can do a full ... firewall security suite that prevent Web applications attacks, ... Download a FREE whitepaper on Security Policy Automation for Web Applications. ...
      (Focus-Microsoft)
    • RE: DCOM patch + Exchange
      ... >firewall security suite that prevent Web applications attacks, ... Security Policy Automation for Web Applications. ...
      (Focus-Microsoft)