Who would have thought that a day would come when there are far more companies
selling ways to patch PC operating systems than there are companies selling
PC operating systems?
That's where we find ourselves now. The Microsoft Corp.'s Windows operating
system ships on more than 93 percent of PCs worldwide, according to a report by
market-research firm IDC.
Meanwhile, there are at least 21 major players in the business of providing
patch-management software that simplifies the maddening task of applying the
scores of fixes that come out each year for Windows, Microsoft Office and
other programs, according to a recent
buyer's guide by Jeff Fellinge in Windows IT Pro magazine.
I don't know whether having so many companies in this space is a good thing
or a bad thing, but one thing's for sure — it's a whole 'nother layer
of software that IT managers didn't have to grapple with just a few years ago.
Live And Let Die
There's so much ferment in solutions for patch management that John Dix,
the editor of Network World, a weekly tech magazine, recently
challenged all the vendors to a "virtual showdown"
— an online debate beginning Nov. 15 on how best to patch. In his
announcement, Dix implied that there would soon have to be a consolidation
of the major providers, who now come in three configurations:
• Pure-Play Patch Management. These are specialized companies, such as Shavlik
Technologies and Big Fix, which concentrate almost entirely on patching operating
systems and applications.
• Server And Desktop Management. Firms such as Configuresoft and Altiris, which
traditionally have focused on computer asset management, are increasingly moving
into patch management as well.
• Security Scanning. Companies that grew famous on their antivirus and
vulnerability scanning tools, such as McAfee and Symantec, are also building up
their offerings in the patch-management field.
Can all of these players continue to innovate without some of them falling
by the wayside? Dix declined to comment for this article.
Don't Get Out The Embalming Fluid Yet
One of the standalone patch-management vendors makes a strong case that the
specialized firms will have a continuing role for a long, long time.
"There are a handful of standalone patch-management companies: Shavlik,
Patchlink, Big Fix, Ecora, St. Bernard," says Eric Schultze, the chief security
architect of Shavlik Technologies. "Any of the other vendors use one of those
five companies' technology," he notes, citing Configuresoft as an exception that
has built its own solution.
Patch-management software, in this view, is a product that you can either buy
from its original developer or from a major-label software publisher with only
cosmetic differences.
"We've decided that we want to be the 'Intel Inside' of the patch-management
market," Schultze explains. "We have technology that's used by Symantec, BMC
Software through its Marimba acquisition, iPass, Bindview, NetIQ, Executive
Software, and in some sense Microsoft. The Microsoft Systems Management Server
2.0 and SMS 2003, its patch-management detection engine, is an older version of
the Shavlik engine." Symantec obtained a relationship with Shavlik through the
larger corporation's February 2004 acquisition of On Technology, which had
previously signed a deal with Shavlik.
In addition to business opportunities for the specialized firms to provide
technology to the larger, more established companies, there are plenty of new
challenges that IT leaders will need help to confront, Schultze says. Shavlik
itself is moving into "spyware management," for example.
Spokespersons for McAfee and Symantec did not provide company executives for
comment on this subject by press time.
Nailing Down The Patch-Management Market
Others also see plenty of openings for players of all sizes.
"Patch management software for Windows is still in its infancy, really.
Microsoft is still working out the kinks in providing companies with
reliable patches in a consistent format," says Fellinge, the author of the
patch-management buyer's guide.
"Patch management software must do three things right: deploy patches reliably,
scan systems accurately, and provide solid reports of enterprise patch status,"
he explains. "I think that in the short term there is room for small and large
vendors — but those companies that get these three points at a reasonable
price will nail the market."
Conclusion
We may question why we have to install multiple security upgrades every month
— but the reality is that this is going to continue to be a fact of life,
now that hackers around the world have learned how easy it is to exploit holes
in Windows and other software.
Simply setting Microsoft's "Windows Update" program on automatic and letting it
do its thing is a poor defense for most companies. Major enterprises
must test all new patches before deploying them. And even small businesses
must use separate, nonautomatic systems to update non-OS software, such as
Microsoft Office, which has its own upgrade procedure.
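To make the two points above concrete, here is an added illustration that is not from the article or any vendor named in it: a toy patch-status tracker that performs the three duties Fellinge lists (scan a host against a required baseline, decide what to deploy, and report enterprise compliance) while enforcing the test-before-production rule and keeping the Windows and Office update channels separate. Every patch id, host name and ring assignment is a constructed placeholder, not a real Microsoft update identifier.

```python
# Added example (not from the article): a minimal patch-status tracker covering
# scan, deploy and report, plus the rule that production hosts only receive
# patches that have cleared the organisation's test ring. All data is constructed.
from dataclasses import dataclass


@dataclass(frozen=True)
class Patch:
    patch_id: str   # constructed placeholder id, not a real Microsoft KB number
    product: str    # "windows" or "office": the OS and non-OS channels kept separate
    approved: bool  # True once the patch has passed the test ring


@dataclass
class Host:
    name: str
    ring: str             # "test" or "production"
    installed: frozenset  # patch ids the host's last scan reported as present


def missing_patches(host, required):
    """Scan step: which required patches the host lacks (sorted for stable reports)."""
    return sorted(p.patch_id for p in required if p.patch_id not in host.installed)


def deployable(host, patch):
    """Deploy step: test-ring hosts take everything; production only takes approved patches."""
    return host.ring == "test" or patch.approved


def deployment_plan(hosts, required):
    """Per host, the missing patches that may be pushed right now."""
    by_id = {p.patch_id: p for p in required}
    return {
        h.name: [pid for pid in missing_patches(h, required) if deployable(h, by_id[pid])]
        for h in hosts
    }


def status_report(hosts, required):
    """Report step: per-product compliance measured against the approved baseline.

    Unapproved patches are still in testing, so production hosts cannot be
    expected to have them; they are listed as 'pending_approval' so that the
    report still shows work that is outstanding.
    """
    report = {}
    for product in sorted({p.product for p in required}):
        approved = [p for p in required if p.product == product and p.approved]
        pending = [p.patch_id for p in required if p.product == product and not p.approved]
        noncompliant = sorted(
            h.name for h in hosts
            if any(p.patch_id not in h.installed for p in approved)
        )
        report[product] = {
            "compliant": len(hosts) - len(noncompliant),
            "total": len(hosts),
            "noncompliant_hosts": noncompliant,
            "pending_approval": sorted(pending),
        }
    return report


# Constructed sample baseline and inventory.
REQUIRED = [
    Patch("OS-2004-01", "windows", approved=True),
    Patch("OS-2004-02", "windows", approved=False),  # still in the test ring
    Patch("OFF-2004-01", "office", approved=True),
]
HOSTS = [
    Host("test-ws01", "test", frozenset({"OS-2004-01"})),
    Host("fin-ws07", "production", frozenset({"OS-2004-01", "OFF-2004-01"})),
    Host("hr-ws12", "production", frozenset()),
]

if __name__ == "__main__":
    for host, patches in deployment_plan(HOSTS, REQUIRED).items():
        print(f"{host}: push {patches or 'nothing'}")
    for product, row in status_report(HOSTS, REQUIRED).items():
        print(f"{product}: {row['compliant']}/{row['total']} compliant, "
              f"missing on {row['noncompliant_hosts']}, pending {row['pending_approval']}")
```

The report deliberately measures compliance only against approved patches; counting a patch that is still in the test ring would make every production host look out of date and hide the hosts that actually need attention. A real scanner also has to verify that an "installed" entry reflects the file versions on disk rather than trusting a self-reported list, which is the accuracy problem Fellinge alludes to.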
The need to handle all these application changes is so great that most of the
patch-management vendors seem likely to stick around for the duration —
whether their code retains its original name or takes on the logo of a more
famous software publisher.