SMS 2003 Security Patch Management
Enterprises need to maintain the security of their IT environment. Systems Management Server (SMS) 2003 delivers the necessary tools to enable enterprises to stay aware of the latest updates, identify software vulnerabilities, and quickly deploy updates in an accurate, verifiable, and controlled manner.
Security Patch Management Datasheet
Read how SMS 2003 can help secure your systems by maintaining update awareness, assessing vulnerabilities, streamlining update deployment, and providing update compliance reports.
Security Patch Management Demo
Watch how Security Patch Management works in SMS 2003. Note: if you have a popup blocker installed, you will need to disable it to allow the demo to run.
Improvements to Software Update Management in SMS 2003
Read about the improvements to software update management in SMS 2003.
Security Patch Management Case Study
Read how SAP America uses SMS 2003 to check the status of its computers and apply the latest security updates.
Software Update Management to Mobile Computers
This white paper describes best practices from Microsoft for managing software updates to mobile computers using SMS 2003.
Maintain Update Awareness
With the proliferation of servers and applications, it is increasingly difficult to stay up-to-date on the latest updates needed within the enterprise. Through the integration of the Software Update Services Feature Pack into Systems Management Server 2003 and by leveraging Microsoft Baseline Security Analyzer (MBSA) technology and Microsoft Office detection technology, Systems Management Server 2003 provides enhanced awareness of the latest Microsoft updates for configured systems, enabling enterprises to stay one step ahead of vulnerabilities.
Vulnerability Assessment
Once enterprises are aware of the latest updates, the vulnerabilities of IT systems need to be assessed to ensure that only the necessary updates are deployed to the affected systems. Systems Management Server 2003 uses standard Microsoft security tools in order to determine applicable updates. This information is stored centrally, enabling the creation of targeted groups for update distribution. Enterprises can quickly and easily test updates in a representative test environment for compatibility before implementing distribution into production environments.
Streamlined Update Deployment
The key steps in update deployment are:
1. | Identify vulnerabilities to be addressed. |
2. | Acquire the applicable updates. |
3. | Determine the systems to target. |
4. | Deploy updates reliably. |
SMS 2003 integrates these steps into one seamless process through the Patch Distribution Wizard, which walks administrators through the end-to-end update deployment process. Using the results of the vulnerability assessment as a starting point, the wizard allows administrators to select the most pressing vulnerabilities to be addressed. Updates applicable to these vulnerabilities are then automatically downloaded from the Microsoft Web site, packaged, and targeted for distribution to a collection of systems identified earlier. SMS 2003 also provides the ability to install updates during selected service windows and to control reboots, minimizing disruption to end users.
Update Compliance Reporting
To ensure that enterprises remain up-to-date with their security status, SMS 2003 provides comprehensive Web reports to track vulnerabilities, as well as the status of deployed updates. This allows administrators to monitor progress to proactively secure their Microsoft Windows infrastructure.