Patch Management - Windows & RHEL/CentOS based on Date
Hi All, Does anyone know of a patch management system that will allow us to control the roll out of patches, specifically for Windows but Linux would be nice too, that can use a date to limit whether a patch is rolled out. Ie. Patch to date set to 2012-06-10 So all patches released up to 2012-06-10 will be offer to requesting client. Any patches released after 2012-06-10 will be hidden/not offered until the "Patch to Date" is moved forward. Wade Peacock Production IT | Vision Critical direct 604.629.9358 mobile 604.363.8137 www.visioncritical.com<http://www.visioncritical.com/> New York | London | Vancouver | Paris | Sydney | Chicago | San Francisco | Toronto | Montreal | Calgary
On Wed, Jun 13, 2012 at 7:47 PM, Wade Peacock <Wade.Peacock@visioncritical.com> wrote:
Hi All,
Does anyone know of a patch management system that will allow us to control the roll out of patches, specifically for Windows but Linux would be nice too, that can use a date to limit whether a patch is rolled out.
Ie.
Patch to date set to 2012-06-10
So all patches released up to 2012-06-10 will be offer to requesting client. Any patches released after 2012-06-10 will be hidden/not offered until the "Patch to Date" is moved forward.
Wade Peacock Production IT | Vision Critical direct 604.629.9358 mobile 604.363.8137
www.visioncritical.com<http://www.visioncritical.com/>
New York | London | Vancouver | Paris | Sydney | Chicago | San Francisco | Toronto | Montreal | Calgary
I am unsure of some details but will blindly suggest you look at wpkg.org as a method of deployment for Microsoft Windows products. -- ~ Andrew "lathama" Latham lathama@gmail.com http://lathama.net ~
On 06/13/2012 01:47 PM, Wade Peacock wrote:
Hi All,
Does anyone know of a patch management system that will allow us to control the roll out of patches, specifically for Windows but Linux would be nice too, that can use a date to limit whether a patch is rolled out.
Ie.
Patch to date set to 2012-06-10
So all patches released up to 2012-06-10 will be offer to requesting client. Any patches released after 2012-06-10 will be hidden/not offered until the "Patch to Date" is moved forward.
Wade Peacock Production IT | Vision Critical direct 604.629.9358 mobile 604.363.8137
www.visioncritical.com<http://www.visioncritical.com/>
New York | London | Vancouver | Paris | Sydney | Chicago | San Francisco | Toronto | Montreal | Calgary
There are a number of different solutions depending on your environment and how much you might be prepared to spend. A few that spring to mind: PatchLink, works with Windows and RedHat, not sure if they sorted out CentOS support. I've used PatchLink in the past for managing patch deployment to several hundreds of servers, (split up into groups for a final bit of paranoia). ManageEngine have tools, but I believe that's Windows only. RedHat have Satellite that patches and a whole lot more but that comes at a premium. There is also SpaceWalk from them: http://spacewalk.redhat.com/ that manages RedHat, CentOS and Scientific Linux patching. Paul
On Wed, 13 Jun 2012 23:47:24 +0000 Wade Peacock <Wade.Peacock@visioncritical.com> wrote:
Does anyone know of a patch management system that will allow us to control the roll out of patches, specifically for Windows but Linux would be nice too, that can use a date to limit whether a patch is rolled out.
I don't know of a good software product that does *both* Windows and RHEL/CentOS, but for Windows, have you looked at Microsoft's WSUS [0]? For RHEL/CentOS, use Spacewalk [1]. Hope that helps! ~reed [0] http://technet.microsoft.com/en-us/windowsserver/bb332157.aspx [1] http://spacewalk.redhat.com/
If you're using Active Directory I think you can actually do that with the Policy Manager thingy, but i'm not really a windows guy to be sure. -R> On Wed, Jun 13, 2012 at 4:47 PM, Wade Peacock <Wade.Peacock@visioncritical.com> wrote:
Hi All,
Does anyone know of a patch management system that will allow us to control the roll out of patches, specifically for Windows but Linux would be nice too, that can use a date to limit whether a patch is rolled out.
Ie.
Patch to date set to 2012-06-10
So all patches released up to 2012-06-10 will be offer to requesting client. Any patches released after 2012-06-10 will be hidden/not offered until the "Patch to Date" is moved forward.
Wade Peacock Production IT | Vision Critical direct 604.629.9358 mobile 604.363.8137
www.visioncritical.com<http://www.visioncritical.com/>
New York | London | Vancouver | Paris | Sydney | Chicago | San Francisco | Toronto | Montreal | Calgary
participants (5)
-
Andrew Latham -
Paul Graydon -
Ray Wong -
Reed Loden -
Wade Peacock