Manage Learn to apply best practices and optimize your operations.

Products of the Year: Patch management

Information Security magazine unveils the best patch management products of 2004.

GOLD MEDAL: BigFix Patch Manager
Rating: 86

BigFix Patch Manager and its underlying "fixlet" technology continue to wow the security market. Its ease of use, customization and platform independence make it a top choice among enterprises and Information Security's gold award winner for patch management.

"BigFix is simply comprehensive," says a CISO of a large financial service company.

Automated patching has been around for a few years, but the reach and reliability has hampered many deployments. Most service Windows environments well, but have a harder time reaching across to other platforms and applications. Capabilities have proven problematic, since not all tools can discover, push and verify patch installations with a high degree of accuracy. Enterprises have been forced to use either homegrown or multiple COTS tools to fill their needs.

What enterprises like about BigFix is that it's fully automated and customizable, can push patches to specific machines automatically or on demand, and can analyze and generate reports for measuring patching successes. Even better, it can change configuration settings, making it a good instrument for hardening boxes and employing workarounds if a patch isn't available.

Fixlets are the things that make BigFix work so well. They monitor a machine for vulnerabilities and configuration settings. They communicate with the server, which will push appropriate fixes to either patch the system or bring its configuration into compliance with defined security policies.

This is more than just some client-server architecture. Fixlets are more like applets, and that small footprint makes them easy to deploy, update and manage. Each fixlet can carry a broad range of instructions, making them extremely flexible in implementing changes. Enterprises praise BigFix because it gives them the ability to use either fixlets provided by BigFix or, using an editor, create their own.

Security managers appreciate the tremendous degree of control and information they get from fixlets, providing a wealth of intelligence about the enterprise's or a particular machine's security posture.

With this kind of flexibility and reach, it's easy to see why BigFix Patch Manager has become one of the most popular security tools on the market.

SILVER MEDAL: PatchLink Update
Rating: 84

USER COMMENT: "PatchLink Update is easy to use. PatchLink (the company) is responsive to customers' needs and has a commitment to excellence."

BRONZE MEDAL: Windows Update Service
Rating: 71

USER COMMENT: "Microsoft's patch management might lack a couple of features, but it's good enough overall, and it's free."


This was last published in January 2005

Dig Deeper on Microsoft Patch Tuesday and patch management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.