RE: Patch Management on Critical Servers (Healthcare)

["Ruiz, Rolando" <rolando_ruiz () jetaviation com>]

WSUS is great and very easy to use. We attack servers in the same way as
Kevin mentioned but instead with weekly schedules (every Wednesday). For
PCs, we have critical and security updates automatically detect and install.

Regards,

 

Rolando Ruiz

Information Technology

-----Original Message-----
From: Kevin Wetzel [mailto:kevin () isptoolz com] 
Sent: Tuesday, May 09, 2006 11:58 AM
To: beinm () ummhc org
Cc: security-basics () securityfocus com
Subject: Re: Patch Management on Critical Servers (Healthcare)

Matthew,
We use SUS at the healthcare organizations that I support. Normally we
delay about 2 days before we let the patches install to make sure that MS
hasnt caused anybody else in different industries any issues and then we
let them install on production systems. Development systems are patched
immediately. There are also patch management solutions available such as
patchlink and patchworx that handle this for you as well.

Kevin Wetzel
ISP Toolz
http://www.isptoolz.com/

> Hello
>
>
>
> I'm just curious to hear how people in the field have been handling patch
> management with critical servers. Have you setup maintenance windows? If,
> so how did you manage the down time? What have people been doing if the
> device or server has an approved FDA configuration? Are you using thing
> like WSUS?
>
>
>
> Thanks,
>
> Matthew
> Security Engineer


Kevin Wetzel
ISP Toolz Consulting
http://www.isptoolz.com/
Phone: (202)558-4061
Fax: (202)478-0781