RE: Patch Management on Critical Servers (Healthcare)

["Mr.Hartmann" <hartmann () thestar com my>]

Hi there.

SUS and WSUS are good patch management - and it's free.
But the reporting would be a bit not-so-friendly.
With SUS/WSUS, the patches can be updated and restart later - whenever it is
convenient.

But to perfect this patching process, it would be great if you could afford
an application which could make a live snapshot of the system - fast and
reliable for a full-proof "rollback".

Such as acronis,falconstar, etc ...

This is because those 'rollback' functionality come with the patch
management doesn't really work for some patches.
Once in, system or some in-house application's down.
There is no way any administrator can roll back that - other than to restore
the system to the point before specific patch.

Good luck.
And if you come across a better idea than that,
Do let me know.
Thanks.

Goodday,
Adam




-----Original Message-----
From: beinm () ummhc org [mailto:beinm () ummhc org] 
Sent: Monday, May 08, 2006 9:03 PM
To: security-basics () securityfocus com
Subject: Patch Management on Critical Servers (Healthcare)

Hello

 

I'm just curious to hear how people in the field have been handling patch
management with critical servers. Have you setup maintenance windows? If, so
how did you manage the down time? What have people been doing if the device
or server has an approved FDA configuration? Are you using thing like WSUS?

 

Thanks,

Matthew
Security Engineer

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________


/******************************************************************\
This message and any attachment(s) are confidential and may be privileged or otherwise protected from disclosure. If 
you are not the intended recipient, please telephone or e-mail the sender and delete this message and any attachment 
from your system. If you are not the intended recipient you must not copy this message or attachment or disclose the 
content to any other person.

Any opinion, view and/or other information in this message and/or any attachment(s) hereto which do not relate to the 
official business of Star Publications (Malaysia) Bhd shall not be deemed given nor endorsed by Star Publications 
(Malaysia) Bhd. Our company is not responsible for any activity that might be considered to be an illegal and/or 
improper use of email.

E-mail transmissions cannot be guaranteed to be secured or error-free as information could be intercepted, corrupted, 
lost, destroyed, delayed, incomplete or contain viruses. The sender therefore does not accept liability for any errors 
or omissions in the contents of this message or for any virus damage which may arise as a result of this e-mail 
transmission.
/******************************************************************\