This question is related to a few queries I have had from large customers who are looking for the following:
- a single appliance or application that can scan a network (pref. agentless) for unpatched systems on multiple platforms (especially MS & Solaris)
- can then be told to apply patches to a beta subset of those systems
- can then be told to distribute the patches to the entire network - pref with use of distributed repositories etc
- will generate good reports during all phases
They are not looking for these guys:
- etc etc etc
We are talking about something that can be implemented quickly and relatively *painlessly.*
I know there are a bunch of great tools for finding unpatched systems, like Nessus & Retina, however it is being able to fix-after-find that has become important to large organisations due to the manpower required to keep their systems up to date.
Can anybody help me with this - discussion on this topic is appreciated!