This article can also be found in the Premium Editorial Download "Information Security magazine: With SSL VPNs on the offense, will IPSec VPNs eventually be benched?."
Download it now to read this article plus other related content.
Microsoft's regular patch release cycle is a combination of information, process and automated tools that makes updates go more smoothly.
Microsoft intended its monthly patch bundles to help enterprises organize their vulnerability management efforts. But if you ask security managers what really makes a difference, they'll tell you it's automating those tricky patch deployments.
"Patch Tuesday," the second Tuesday of every month, usually delivers a heavy dose of security fixes of varied criticality that can challenge even the heartiest IT staff.
"When I was writing scripts, it would take me two hours to write just one, because you have to do research on a patch, download it and deploy it to one machine, then monitor the logs for problems," says Keith Seavey, infrastructure analyst for BOC Edwards, a Wilmington, Mass.-based semiconductor manufacturer with 4,000 seats and 250 servers at 68 sites around the world.
"To patch the whole U.S. environment this way would take 40 hours--times-two for Europe and Asia. Now it takes five minutes," he adds. "We're far more likely to patch, when before we were putting on only critical patches that applied to our environment."
But is Patch Tuesday a blessing or a curse for enterprises? To find out, Information Security and SearchSecurity.com visited several organizations of various sizes on Patch Tuesday and the days that followed to see the benefits, challenges and shortcomings of the scheduled
This was first published in May 2005