Re: Automated Patching and Updates?

[Bruce Purcell <bpurcell () CSUHAYWARD EDU>]

Our decision was based on campus contracts and licensing. We could also have
used Zen Works (we have Novell licensing) or purchased others at greater
cost. However, my experience with SMS tells me that it works now (didn't in
older versions very well). The cost of SMS is going to depend on your
Microsoft contract. We bought our copy on our previous license Enterprise
contract and it cost $35 (one server, serving 110 clients), I believe. With
new licensing, we'll have to purchase upgrades though. As we have no money
for upgrades, I'm not even looking at new prices for now though we do have
new contracts with Microsoft.

SMS will push applications and OS patches along with .dat files -- we
haven't tried firewall rules as the campus now licenses ePo and it is a
campus standard. Mcafee is "supposed" to be coming out with a Mac version,
so we won't have to expand except to figure out how to handle them. That
will at least take care of firewall and virus for Macs. For now, we limit
our Macs and continue down the manual route for applications.

So, we are limiting ourselves to two items on one management console.
Finally, we use automatic updating for our Solaris box. Maybe not the best
way to go, but we only have one Solaris box and I can deal with managing it.


We haven't found the one "magic bullet" yet and I think if I wait, I'll
continue spinning my wheels doing nothing. For now, I've been satisfied in
being limited in my software selection, living with budget realities (we
prefer to spend our money in California on silly political things like
recalls!) and having good licensing to keep costs down and solid in my
implementation and management. If that "magic bullet" ever comes along that
serves up patches and applications to all Windows version, Mac and xNix,
I'll look at changing.

Bruce Purcell
Cal State Hayward

-----Original Message-----
From: Ariel Silverstone [mailto:ariel.silverstone () TEMPLE EDU] 
Sent: Friday, September 26, 2003 7:16 AM
Subject: Re: Automated Patching and Updates?


Yes we are.  In order of importance:

1) Win XP/2000/NT/2003 maybe 98
2) Macs OS X/9 maybe 8
3) xNix (SuSE, RedHat, Solaris)



Thank you,

Ariel Silverstone

-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Christian Grewell
Sent: Friday, September 26, 2003 9:59 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Automated Patching and Updates?

Just to clarify: are you talking about *one* management console to manage
patches and app updates (such as personal firewalls, antivirus, etc) to all
flavors of operating systems on campus (macs come to mind)?

If so I'm very interested in what others are doing on the macintosh side -
true, they don't get attacked like a MS box, but it'd be great to have
cross-platform compatibility from one location.

SMS is great in a vanilla OS environment, but I'm curious to know the cost
of implementing something like this in a large scale educational
environment.

Glad to see others thinking about this seriously :) -----Original
Message-----
From: Ariel Silverstone <ariel.silverstone () TEMPLE EDU>
Date: Fri, 26 Sep 2003 09:22:17 To:SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Automated Patching and Updates?

This is exactly the situation I am trying to avoid.  We would like one
product, and thus one management console, to be able to handle all patching
and updates.  Not sure yet if it is possible, and will keep all informed.




Thank you,



Ariel Silverstone



From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Bruce Purcell

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.