Is your patch programme up to scratch?
Published: 27 May 2005 11:10 BST
Windows patch management is a little like taking out the trash or cleaning the toilets: It's not fun, but it has to be done. Most of the network administrators I know seem to approach it in one of three ways:
- Avoidance: they put it off as long as possible and then rush through it as quickly as they can.
- Automation: they turn on Windows Update's automatic update feature on all the machines, "set it and forget it" (which is really just another form of avoidance) and pray that they won't encounter any incompatibilities.
- Overkill: they set up an elaborate patch management programme that involves personally trying out every patch in a test bed environment on an exact replica of every one of their production servers and then using expensive and complex deployment servers to apply the patches, after running complete and comprehensive vulnerability scans on each system to document exactly which patches are missing — in essence, making patch management a full-time job.
Whether your network is a small business workgroup or a multi-domain enterprise, keeping the systems on your network properly updated is absolutely essential. New operating system and application vulnerabilities are being discovered every day, and as soon as a vulnerability is made public, someone, somewhere will find a way to exploit it.

Avoidance isn't the answer
Avoidance isn't the answer, but it's most common among administrators of small networks — the ones that are least likely to have adequate fault tolerance measures and other security solutions in place and thus stand to lose the most — at least, as a percentage of their revenues — if their systems are hit.
To be effective, your patch management plan must be timely and continuous. Unfortunately, as with any type of preventative maintenance, it's easy to put it off because you're always busy taking care of more immediate problems. That means some type of automation is almost inevitable.








