TechRepublic|Forums|Networks

Networks

General discussion

  • Creator
    Topic
  • December 14, 2005 at 6:58 am #2179809

    Patch Management

    Locked

    by prashanth_rg · about 18 years, 4 months ago

    We have a Production environment with Windows 2000 Servers. Since these servers run third party applications which are mission critical and cannot afford ad-hoc reboots we have disabled windows auto update. Could you please suggest a better way of handling patch Management?

    One of the major challenges is that we cant use a Patch Management tool to deploy to all the Servers at once since every application is different and may have compatibiliy issues with the patch installed.I would appreciate if all you guys share patch management methods employed in your organisations and suggest improvements.

    Topic is locked This conversation is currently closed to new comments.
  • Creator
    Topic

All Comments

  • Author
    Replies
    • December 14, 2005 at 7:05 am #3121483

      WSUS and OUs in AD

      by cactus pete · about 18 years, 4 months ago

      In reply to Patch Management

      Organize your servers however you want them in AD for patch deployment. Use WSUS to release the patches when you want them.

      Works liek a charm for us.

      Just be careful the first time you install the client on the servers, there may be a forced reboot.

    • March 1, 2007 at 2:21 am #2508874

      patch management on servers

      by coastliner · about 17 years, 1 month ago

      In reply to Patch Management

      Got the same problem (2000/2003 CITRIX, terminal srver)

      You should have a test lab…but who can afford it?? I do not take risk about the
      functionality of mission critical server ( by the way , 3 of them are Domain controllers, 1 Primary (2000 server) 2 secondary (2000 and
      2003). What’s more , with all the tons of patches Microsoft deploy every month , it would be a big of a headache to select which one is right and which one is wrong!!!!! And I have no time !!!! So I decided do wipe
      off even the notifications on the server (annoying!!aint’em ??) because , as
      I said before , I’d have no criteria in choicing, and no time to loose!!!

      Of course the client are updated constantly…but the servers…leave
      me alone please, and gimme a break !!!

      So I decided to download all the updates and install before a server
      goes in production…but once in production ..I simply freeze it!!

      I rely on the protection of well configured cisco firewalls, and on that of trend micro products (serverprotect works great for me!)

      Of course some doubts remains…..

      So…if someone has a better Idea…is welcome

  • Author
    Replies
Viewing 1 reply thread