|
A relatively common issue facing IT organizations today is the question of whether to invest in both a change and configuration management solution, such as Microsoft Systems Management Server 2003 (SMS), and an enterprise patch and vulnerability management solution, such as PatchLink Update. More specifically, in many cases it is actually about whether to add a product like PatchLink Update to their portfolio when SMS has already been deployed for several years.
Accordingly, this paper will examine the capabilities of each of these solutions relative to the typical challenges facing organizations today in order to demonstrate that it is not really a matter of one versus the other. Indeed, for most organizations both products are appropriate, if not necessary, to achieve an effective patch and systems management solution. In particular, Microsoft SMS provides foundational systems management capabilities, such as software distribution, while PatchLink Update adds advanced patch management capabilities that are essential to keeping up with today's steadily emerging vulnerabilities and rapidly spreading threats.
Enterprise Challenges
It is an undeniable fact that IT and security personnel are under constant pressure to address a wide range of challenges facing their organizations. For example, a handful of the most relevant issues include: accounting for the rapid pace and diversity of business "opportunities" (i.e., needs), maintaining a high degree of efficiency and affordability, achieving compliance with a plethora of regulatory requirements, defending against a mounting array of threats, and accounting for the increasing mobility of users and their computing systems.
The Speed and Diversity of Business
The pace and very nature of business and its associated opportunities imply, if not actually demand, that users be armed in a timely manner with the ever-changing portfolio of resources they need to get their jobs done. Among other things, this means being able to quickly provision them with new applications (or even just upgrades) on an as-needed basis. Often, it will also mean supporting a diverse set of computing devices.
The Economics of Efficiency
Budgets are always constrained. But this does not relieve the need for organizations to steadily move forward technologically ? investing in new "solutions" in order to keep pace with change and competition alike. Balancing this equation means saving money where you can, and always spending it wisely. Two good means to these ends include achieving greater efficiency through automation of routine management tasks and proper planning of new application and technology acquisitions based on accurate accounting of currently available resources and their usage.
Compliance is Mandatory
Government and industry enforced requirements, primarily pertaining to information privacy and the security of associated systems, are an unavoidable reality. Fundamental necessities in terms of achieving compliance with them include: being able to identify all of the resources (i.e., applications and systems) in play, understanding how specifically they are being used, and tightly controlling their configurations to ensure they remain consistent with desired policies.
Patching for Protection
Automatic patch management capabilities have become a critical component of an organization's information security strategy. They are necessary to proactively address the growing number of new vulnerabilities that are being disclosed and the dramatically shrinking window of opportunity to react before corresponding threats appear in the wild. Indeed, recent data obtained from multiple sources indicates that we have reached a point where over 100 new vulnerabilities are being discovered each and every week. Furthermore, for the most common (or significant) of these, exploit code is typically being released within 1 to 3 days of initial disclosure. Under these conditions it is simply impractical to rely on manual methods to achieve remediation of exploitable systems.1
Mobility Matters
Improvements in productivity, responsiveness, and quality of life are causing organizations to increasingly embrace mobile and remote computing solutions. A significant result of this trend is that organizations must now also address each of the previous challenges for a growing diversity and population of applications, platforms, and devices that are not LAN-based and essentially not always connected.
Combining Complementary Products to Create an Ideal Solution
Given the scope of the aforementioned challenges it is unrealistic to expect that a single product can be used to achieve an optimal solution. That said, it is certainly true that Microsoft's SMS represents a decent stab at accomplishing just that feat.
|
