Re: MS Patches Management software: SUS vs 3rd party
From: Alvin (appredator_at_hotmail.com)
Date: 10/28/03
- Previous message: Jeffrey D. Hawley: "RE: Wireless Network assessment"
- In reply to: Andres Martinez: "MS Patches Management software: SUS vs 3rd party"
- Next in thread: Nicholas Diotte: "Re: MS Patches Management software: SUS vs 3rd party"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Andres Martinez" <artiman@cable.net.co>, <security-basics@securityfocus.com> Date: Mon, 27 Oct 2003 20:45:01 -0600
1. SUS doesnt support NT. So the NT servers wouldnt be covered.
2. Create a new OU and modify the Group Policy to set the downloads and
installs as you see fit for your network
3. Find non-peak time to reboot servers
> I'm looking the best solution for one of our customers to deal with the
administration and deployment of security patches, if somebody can make a
recommendation based on real experience I'll appreciate.
> Customer server environment:
>
> 125 servers: 80% Windows 2000 - 20 % Windows NT 4.0 (They are planning to
get rid of NT servers soon)
> All servers on same physical location.
> There is no central administration of servers: Server managment provided
for different people with different Technical skills. Hard to get control.
Few IT resources.
> By default Windows installations = High risk of security problems.
> Lack of security policies for server management and security.
> Very reactive to solve problems.
> Lack of software or scripts to automatize processes like patches
deployment.
> They already have had serious problems due to virus like welchia and
blaster who exploit know security vulnerabilities.
> Corporate Symantec antivirus used for virus protection, but not installed
on all servers, problems with antivirus updates on some servers.
> It is hard to obtain approval for reboot servers due to mission critical
role and business nature (healthcare industry), so minimun downtime is
required.
> What would you use ?
>
> MS Sofware Update Services (SUS) which is free
>
> or Third party software like Hfnetchk Pro or St Bernard Update expert
(http://www.mcpmag.com/Features/print.asp?EditorialsID=354)
>
>
>
> Waiting for your comments
>
>
>
> Thanks
>
>
>
> Andres
>
>
>
> --------------------------------------------------------------------------
-
> Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
> The Presidio integrates PGP data encryption and XML Web Services security
to
> simplify the management and deployment of PGP and reduce overall PGP costs
> by up to 80%.
> FREE WHITEPAPER & 30 Day Trial -
> http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027
> --------------------------------------------------------------------------
-- > > --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
- Previous message: Jeffrey D. Hawley: "RE: Wireless Network assessment"
- In reply to: Andres Martinez: "MS Patches Management software: SUS vs 3rd party"
- Next in thread: Nicholas Diotte: "Re: MS Patches Management software: SUS vs 3rd party"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
