Solved

What is the best third party patch management solution for a company with 130 server (90% VMs)

Posted on 2013-10-30
5
354 Views
Last Modified: 2013-11-22
What 3rd party tool does the job best against VMs? We are running vSphere 5. WSUS in my experience is not so great. What tool has the best technical service support in case you run into issues with patching. We are a company that rely heavily upon our web servers for our business to function. Our clients and vendors use our propriety systems within our website to do there job. We are a background check company. It is mission critical that are servers are up and running 24x7, or if there is a post patching issue, then we can rollback easily without affecting production. We are a windows shop running Jboss, Tomcat in our server environment. Please if have any insights for a best practice approach for patching servers, to include your experience.
0
Comment
Question by:ksol
  • 2
  • 2
5 Comments
 
LVL 30

Expert Comment

by:pgm554
ID: 39613141
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39613506
I wonder why you seem to think VMs have to be treated differently. Makes no difference for patching. For me, the answer would be quite simple: use WSUS. Before scheduled updates, have your hypervisor do a snapshot (can be scripted). If updates won't install, it's not the patching solutions fault, so that does not matter here. To rollback patches can be done with WSUS. Patches that can't be rolled back because they don't support it won't offer a rollback no matter what patching solution you use. No difference. You would need to resort to your latest snapshot.
0
 

Author Comment

by:ksol
ID: 39628270
From my experience, WSUS is really bad in regards to reporting. We have the money to buy third party patching tool, but what are the top three? We plan to manage patching and apply them to both workstations and servers. How do patching license work? Do we pay per server? If so, is it per year?
0
 

Author Comment

by:ksol
ID: 39634483
McKnife,

To follow up on your comment. VMs have to be treated differently because we need to keep in mind that during patching, Memory, CPU, Storage all being utilized on the same LUN during patching can cause a bottleneck on the ESX host.

Other than that, I am comparing Symantec vs Shavlik. Any thoughts? How do licensing work for both products?
0
 
LVL 54

Accepted Solution

by:
McKnife earned 500 total points
ID: 39638083
I see, right. But what would the patch management ideally do to mitigate this effect? It would group servers and have one group start at 10pm, the next at 11 pm,... and so on. That's something we can do by GPOs, set a scheduled installation time based on a security group the server is in.

Sorry, I cannot help out with hints on products. My overall impression is that those don't really do a better job but only manage to make a better impression. The real problems with patch management are common to all:
-how to test?
-how to rollback?
-what to do if installation fails?

I don't see any technical solution that could solve these.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Why should I virtualize?  It’s a question that’s asked often enough.  My response is usually “Why SHOULDN’T you virtualize?”
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question