Educause Security Discussion mailing list archives
Re: Automated Patching and Updates?
From: Ron Parker <rparker () BRAZOSPORT EDU>
Date: Thu, 25 Sep 2003 07:35:36 -0500
In answer to your questions below: 1) We're using Microsoft's Software Update Service (SUS) to push patches out to our XP desktops from our own update server. This is just a glorified version of the Windows update service built into XP but it lets us have some control over what gets pushed and when. We use a group policy to force the patch installation and a reboot if necessary. Unfortunately, a large part of our campus is still on Windows 98 so this doesn't help us as much it could. We are accelerating our push to convert completely to XP. This also doesn't work in our labs where we use Deep Freeze to revert the machines back to their initial state when they reboot. 2) We aren't really looking at anything else at the moment. 3) The above solution works for XP and Windows 2000 but not Windows 98. -- Ron Parker, Director of Information Technology, Brazosport College Voice: (979) 230-3480 FAX: (979) 230-3111 http://www.brazosport.edu On Thu, 25 Sep 2003, Sadler, Connie wrote:
Given all of the recent worm activity, etc., it seems timely to gather some information from you folks regarding what you are already doing - or planning to do - in terms of pushing updates and patches out to your user communities in a way that is not too "intrusive". We all work in diverse environments where many of our users are also sensitive to having someone else "touch" their machines. Yet it seems a losing battle to continue to manually update workstations in some areas when they are being automatically attacked in very sophisticated ways. Can you folks please share with us: 1) What you are already doing now - in terms of pushing or automating patching or updates? 2) What you are evaluating or looking at for doing this kind of thing - and in what areas of your environment? 3) What technologies you are familiar with and what platforms the solutions support? Thanks much! I am willing to summarize the input I receive if I get enough good feedback... Connie J. Sadler, CM, CISSP, CISM Director, IT Security, Brown University Box 1885, Providence, RI 02912 Connie_Sadler () Brown edu PGP Fingerprint: 452A C178 1450 9CE1 3AC1 CC12 956F 2C55 DB94 A9C7 Office: 401-863-7266 ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Automated Patching and Updates? Sadler, Connie (Sep 25)
- <Possible follow-ups>
- Re: Automated Patching and Updates? Ron Parker (Sep 25)
- Re: Automated Patching and Updates? Howell, Paul (Sep 25)
- Re: Automated Patching and Updates? Craig W. Drake (Sep 25)
- Re: Automated Patching and Updates? Ron Parker (Sep 25)
- Re: Automated Patching and Updates? Tavakoli, Rooz (Sep 25)
- Re: Automated Patching and Updates? Bradford B. Saul (Sep 25)
- Re: Automated Patching and Updates? Wehner, Paul (wehnerpl) (Sep 25)
- Re: Automated Patching and Updates? Bradford B. Saul (Sep 25)
- Re: Automated Patching and Updates? Craig W. Drake (Sep 25)
- Re: Automated Patching and Updates? Christian Grewell (Sep 25)
- Re: Automated Patching and Updates? Beechey, Jim (Sep 25)
(Thread continues...)