Ezine

This article can also be found in the Premium Editorial Download "Information Security magazine: With SSL VPNs on the offense, will IPSec VPNs eventually be benched?."

Download it now to read this article plus other related content.

EXPOSE
Microsoft's regular patch release cycle is a combination of information, process and automated tools that makes updates go more smoothly.

Microsoft intended its monthly patch bundles to help enterprises organize their vulnerability management efforts. But if you ask security managers what really makes a difference, they'll tell you it's automating those tricky patch deployments.

"Patch Tuesday," the second Tuesday of every month, usually delivers a heavy dose of security fixes of varied criticality that can challenge even the heartiest IT staff.

"When I was writing scripts, it would take me two hours to write just one, because you have to do research on a patch, download it and deploy it to one machine, then monitor the logs for problems," says Keith Seavey, infrastructure analyst for BOC Edwards, a Wilmington, Mass.-based semiconductor manufacturer with 4,000 seats and 250 servers at 68 sites around the world.

"To patch the whole U.S. environment this way would take 40 hours--times-two for Europe and Asia. Now it takes five minutes," he adds. "We're far more likely to patch, when before we were putting on only critical patches that applied to our environment."

But is Patch Tuesday a blessing or a curse for enterprises? To find out, Information Security and SearchSecurity.com visited several organizations of various sizes on Patch Tuesday and the days that followed to see the benefits, challenges and shortcomings of the scheduled

    Requires Free Membership to View

patch release cycle. What we found is that the combination of predictable patch release dates, better testing and automated patch management tools is paying real dividends.

Patch Tuesday: A Weeklong Day
Patch Tuesday is the day Microsoft releases patches each month. But, as is the case at Children's Hospital Boston, Patch Tuesday often extends into a week-plus of activity.

Here's the timeline of Children's typical patching cycle.

This was first published in May 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: