Toolbox
Patch Management Systems: Evaluation Criteria and Capabilities
Shopping for a patch management system? Experts say you should look for these features.
By Mary Brandel
November 09, 2009 — Analysts and CISOs suggest putting the following considerations on your patch management shopping list. Also see the related in-depth How to Compare Patch Management Software.
Evaluation Criteria
The following are criteria to consider when choosing a patch management system:
- Range of operating systems supported (Microsoft, Unix, Linux, Mac OS, etc.)
- Range of applications supported (Adobe, Mozilla, RealNetworks, Apple, Java)
- Agent-based or agentless
- Types of real-time reporting available (patches deployed, when, by whom, to which endpoints, etc.)
- Scalability
- Ability to operate on low-bandwidth or globally distributed networks
- Ability to manage computers on or off the network
- Change control (ability to change settings back, pause deployments, etc.)
- Licensing options (subscription-based, perpetual or both)
- Ease of use
- Integration with other security and configuration management systems and capabilities
Range of Capabilities
A full-featured patch management system should do the following:
- Research: Receive information about new patches from vendors and push this information to the patch server.
- Asset discovery: Scan the network to produce a full inventory of IT assets, and provide flexible ways to group and classify these assets.
- Vulnerability assessment and prioritization: Identify vulnerabilities based on the specific endpoints in the environment and rank them in terms of which will have the most impact and which are most important to address.
- Remediation: Continuously deploy, monitor, detect and enforce patch management policies.
- Reporting: Provide real-time reports that satisfy the needs for auditing, compliance and management oversight.
Other stories by Mary Brandel
patch management system
Log Management in a Cyber World
With so many potential cyber villains poking around the gates, enterprises must have strong protections and pristine visibility into what's happening on the network. Explore the increasing importance of log management as cybercrime and other malicious threats grow.
Comparing Research in Motion and Microsoft Mobile Solutions
Organizations must look carefully at the requirements of mobile devices and accompanying middleware that can increase cost, complexity and administrative overhead. This white paper provides an independent analysis and detailed comparison of RIM and Microsoft's mobile solution.
- Enterprise 2.0 Applications - Block or Not?
- Securing Your Company's Confidential Data
- Mitigating Security Risk in the Cloud
- Continuous PCI Compliance and Security with Tripwire Solutions
- The Pursuit of a Standardized Solution for Secure Enterprise RBAC
- Building a Secure and Compliant Windows Desktop
Stay current with insightful news and analysis on information security, business continuity, identity and access management, loss prevention and more with CSO newsletters!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
