Re: Automated Patching and Updates?

[Ron Parker <rparker () BRAZOSPORT EDU>]

Ours are all in one domain. We have not tried doing this across domains
but I'm not aware of any reason it wouldn't work.

--
Ron Parker, Director of Information Technology, Brazosport College
Voice: (979) 230-3480             FAX: (979) 230-3111
http://www.brazosport.edu


On Thu, 25 Sep 2003, Howell, Paul wrote:

> Hi,
>
> Are all of your workstations in the same domain as the SUS server?
>
> Have you tried to update workstations in a different domain?
>
> Thanks,
>
> < paul
>
>
> > -----Original Message-----
> > From: Ron Parker [mailto:rparker () BRAZOSPORT EDU]
> > Sent: Thursday, September 25, 2003 8:36 AM
> > To: SECURITY () LISTSERV EDUCAUSE EDU
> > Subject: Re: [SECURITY] Automated Patching and Updates?
> >
> >
> > In answer to your questions below:
> >
> > 1) We're using Microsoft's Software Update Service (SUS) to
> > push patches
> > out to our XP desktops from our own update server. This is just a
> > glorified version of the Windows update service built into XP
> > but it lets
> > us have some control over what gets pushed and when. We use a
> > group policy
> > to force the patch installation and a reboot if necessary.
> > Unfortunately,
> > a large part of our campus is still on Windows 98 so this
> > doesn't help us
> > as much it could. We are accelerating our push to convert
> > completely to
> > XP. This also doesn't work in our labs where we use Deep
> > Freeze to revert
> > the machines back to their initial state when they reboot.
> >
> > 2) We aren't really looking at anything else at the moment.
> >
> > 3) The above solution works for XP and Windows 2000 but not
> > Windows 98.
> >
> > --
> > Ron Parker, Director of Information Technology, Brazosport College
> > Voice: (979) 230-3480             FAX: (979) 230-3111
> > http://www.brazosport.edu
> >
> >
> > On Thu, 25 Sep 2003, Sadler, Connie wrote:
> >
> > > Given all of the recent worm activity, etc., it seems
> > timely to gather
> > > some information from you folks regarding what you are
> > already doing -
> > > or planning to do - in terms of pushing updates and patches
> > out to your
> > > user communities in a way that is not too "intrusive". We
> > all work in
> > > diverse environments where many of our users are also sensitive to
> > > having someone else "touch" their machines. Yet it seems a
> > losing battle
> > > to continue to manually update workstations in some areas
> > when they are
> > > being automatically attacked in very sophisticated ways.
> > >
> > > Can you folks please share with us:
> > >
> > > 1)  What you are already doing now - in terms of pushing or
> > automating
> > > patching or updates?
> > >
> > > 2)  What you are evaluating or looking at for doing this
> > kind of thing -
> > > and in what areas of your environment?
> > >
> > > 3)  What technologies you are familiar with and what platforms the
> > > solutions support?
> > >
> > > Thanks much! I am willing to summarize the input I receive if I get
> > > enough good feedback...
> > >
> > > Connie J. Sadler, CM, CISSP, CISM
> > > Director, IT Security, Brown University
> > > Box 1885, Providence, RI 02912
> > > Connie_Sadler () Brown edu
> > > PGP Fingerprint: 452A C178 1450 9CE1 3AC1  CC12 956F 2C55 DB94 A9C7
> > > Office: 401-863-7266
> > >
> > > **********
> > > Participation and subscription information for this
> > EDUCAUSE Discussion Group discussion list can be found at
> http://www.educause.edu/cg/.
> >
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion
> Group discussion list can be found at http://www.educause.edu/cg/.
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
> http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.