General discussion


Patch Management

By lachlann562 ·
I have just recently started on a project for implementing a patch management solution. So far these are the products i've learned about:
Microsoft WSUS (Upgraded SUS - not yet released)
Micrsosoft SMS
Shavlik's HFNetCheckPro

I am with a company of about 300 employees, and 200 servers (DMZ's, extranet, intranet).

Any help would be appreciated.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Patch Management

by etwell.karikoga In reply to Patch Management

I have implemented SUS and GFI LANguard Network Security Scanner which has proved to be quite effecient in dealing with patch management. SUS is able to provide OS patch management while GFI give you flexibility to install both OS and application patches.

Hope this will help.

Collapse -

Good patch software listing website

by lachlann562 In reply to Patch Management
Collapse -

Patch Management

by In reply to Patch Management

Have you checked out Patchlink?

Collapse -

Patch Management

by richard.ashe In reply to Patch Management

If you have tried SMS then you should also try Altiris Patch Management

Collapse -

Altiris vs. Kaseya

by chad.Gniffke In reply to Patch Management

My current Patch Managment guy ran Altiris for about a year. When he started at our company I introduced him to and he loves it. Patch management is just the tip of the iceberg on this one baby!

Collapse -

by felicidadegraca In reply to Patch Management

I heard that Microsoft has launched updating server. All you have to do is to create in your DMZ one MS Updater Server which will donwload th patches. From inner side close every ports and open only those u need to workstations download the patches from this updater server. This server has a trigger to wake up the workstations to update the patch. Follow this link:

Collapse -

Try Zenworks for Desktops

by paul.jourdan In reply to Patch Management

Have you tried Novell's ZenWorks for Desktops?

Collapse -


by bmwwaterman In reply to Try Zenworks for Desktops

Do you know how much each client license costs?

Collapse -

WSUS - all the way!

by stefanidis In reply to Patch Management

My friend, i was in the same situation as you - except that i had installed SUS and tried to stay sane!... It kept upddating itself from Microsoft Update, the Group policy was OK, but... it worked only for a few days (updating the clients) and then miraculously stopped updating!
I tore it apart completely and installed WSUS (which just came out) and it is juuuuust great so far! works with extranet and intranet, different subnets, over VPN, the works! It also automatically downloads patches and packs for SQL server, Exchange and Office! i love it.
Of course, SMS 2003 is definitely stronger and you can have much more control. However, my philosophy is to always try to keep it simpler, and go to something larger only if the smaller doesn't do the job. WSUS really works fine, i have no complaints at all, and this come from a guy who was about to smash the SUS server machine with a sledgehammer!
Enjoy...! :-)
Hope i helped.

Spiro Stefanidis
IT Supervisor
Ergo Textile S.A.
Thessaloniki, Greece

Collapse -


by gjones In reply to WSUS - all the way!

If you want a more robust solution and don't mind paying some cash in both software licensing and some heafty hardware (depending on how spread out your sites are) and training, then SMS 2003 (SMS 2.0 was a nightmare) is the way to go. SUS/WSUS is a free, much more simple solution which also allows you to tell your clients to go to Microsoft's Update servers for 'Approved' updates. Good luck!

Related Discussions

Related Forums