We have around 100 Linux servers here 90% virtual in VMware and about 50 Ubuntu, 25 RHEL 5 & 6, 12 CentOS and a few other stray items like a Solaris box etc.
We are looking for some type of an automated patch management product for these - ideally one that can handle all the various OS types - and hopefully not Tivoli due to cost and complexity to maintain.
What's out there either OpenSource or commercial that's good & reliable but not a huge time sink to keep running?? We need to be PCI compliant and doing this by hand is obviously terribly time and resource intensive. We DON'T want to go the automated OS patching route unless we can control what gets patched and when without touching every box (once on setup I one thing but to continually revisit each server is another).
Sr. Systems Administrator