How can I keep track of patches in a decentralized business model?
Based on what I have read, many Microsoft and third-party patch solutions assume the patch administrator has administrative rights throughout the enterprise. However, our company has a decentralized business model where local IT personnel have complete control over their network environment. Therefore, tools such as MSBA do me little good, especially if remote IT administrators refuse to run the tool and report the findings. What products are available to help me, the corporate security officer, to know via periodic reports that all systems (Unix, Linux, Microsoft, etc.) throughout the enterprise are protected from known vulnerabilities with the applicable patches?
The best one that I've seen is Security Bastion/Gravity Storm Software's Service Pack Manager 2000
, an outstanding system for checking for not only system- but application-level service packs throughout a small or large enterprise network.
This was first published in June 2003