General discussion


Patch Management

By prashanth_rg ·
We have a Production environment with Windows 2000 Servers. Since these servers run third party applications which are mission critical and cannot afford ad-hoc reboots we have disabled windows auto update. Could you please suggest a better way of handling patch Management?

One of the major challenges is that we cant use a Patch Management tool to deploy to all the Servers at once since every application is different and may have compatibiliy issues with the patch installed.I would appreciate if all you guys share patch management methods employed in your organisations and suggest improvements.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

WSUS and OUs in AD

by Cactus Pete In reply to Patch Management

Organize your servers however you want them in AD for patch deployment. Use WSUS to release the patches when you want them.

Works liek a charm for us.

Just be careful the first time you install the client on the servers, there may be a forced reboot.

Collapse -

patch management on servers

by coastliner In reply to Patch Management

Got the same problem (2000/2003 CITRIX, terminal srver)

You should have a test lab...but who can afford it?? I do not take risk about the
functionality of mission critical server ( by the way , 3 of them are Domain controllers, 1 Primary (2000 server) 2 secondary (2000 and
2003). What's more , with all the tons of patches Microsoft deploy every month , it would be a big of a headache to select which one is right and which one is wrong!!!!! And I have no time !!!! So I decided do wipe
off even the notifications on the server (annoying!!aint'em ??) because , as
I said before , I'd have no criteria in choicing, and no time to loose!!!

Of course the client are updated constantly...but the servers...leave
me alone please, and gimme a break !!!

So I decided to download all the updates and install before a server
goes in production...but once in production ..I simply freeze it!!

I rely on the protection of well configured cisco firewalls, and on that of trend micro products (serverprotect works great for me!)

Of course some doubts remains.....

So...if someone has a better welcome

Related Discussions

Related Forums