patches
Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: patches

  1. #1
    Junior Member
    Join Date
    Mar 2003
    Posts
    17

    patches

    Hi,
    should patch management role be classified as server support or security admin. pls comment. thanks

  2. #2
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    In my shop it is classified as server support, however, I from a security perspective, have a high level of control over the process to ensure it meets the security requirements of the company.


    Cheers:
    DjM

  3. #3
    Junior Member
    Join Date
    Mar 2003
    Posts
    17
    can you give me the details of what this high level of control over the process will do?

  4. #4
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Basically, I establish the criteria by which patches are rolled out. For example, servers that reside in our DMZ, if there is a 'critical' patch required, they must be installed within 24 hours of the patch being released. This means the server is 'ghosted' and the patch is installed with minimal testing. For servers which are on my internal LAN, 'critical' patches are install within 2 weeks of being announced. That leaves time for a little better testing. All non-critical patches are installed as part of our normal maintenance process.

    Does that help a bit?
    DjM

  5. #5
    Junior Member
    Join Date
    Mar 2003
    Posts
    17
    do u mean that you have 1 person doing the depolyment and the other doing the process monitoring?

  6. #6
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Kind of like that, I ensure the patches are being deployed by our server group. If they are have problems or issues they will report to me. At this point in time, the process has worked quite well. I am sure there are other on this board that will have other opinions.

    Cheers:
    DjM

  7. #7
    Junior Member
    Join Date
    Mar 2003
    Posts
    17
    for my case i only can afford 1 person to do the job, how can i justify that patch management belongs to server support?

  8. #8
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Originally posted here by sentme_mail
    for my case i only can afford 1 person to do the job, how can i justify that patch management belongs to server support?
    Well...is the server group responsible for installing other things on the servers (os, applications, etc)? Then why would they not be responsible for installing patches, they are after all, part of the OS or Application.

    Cheers:
    DjM

  9. #9
    Junior Member
    Join Date
    Mar 2003
    Posts
    17
    yap, the server group responsible for installing other things on the servers (os, applications, patches, etc)
    but what reasons can i give to justify that they should also be incharge of the process ?

  10. #10
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    If the OS's and Applications belong to them, they are responsible for them, then the patches to those systems also belong to them, they must take ownership of them. Patches are a part of the OS or Application, which they (the server group) own. I believe it's just that simple. If your claiming ownership over a systems OS & application you own everything that is bundled with those systems.

    Cheers:
    DjM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides