What 3rd party tool does the job best against VMs? We are running vSphere 5. WSUS in my experience is not so great. What tool has the best technical service support in case you run into issues with patching. We are a company that rely heavily upon our web servers for our business to function. Our clients and vendors use our propriety systems within our website to do there job. We are a background check company. It is mission critical that are servers are up and running 24x7, or if there is a post patching issue, then we can rollback easily without affecting production. We are a windows shop running Jboss, Tomcat in our server environment. Please if have any insights for a best practice approach for patching servers, to include your experience.