SMS 2003 Security Patch Management Datasheet
|
On This Page
 | Securing the Enterprise |
| Maintain Patch Awareness |
| Vulnerability Assessment |
| Streamlined Patch Deployment |
| Patch Compliance Reporting |
| Operations and Technology |
Systems Management Server (SMS) 2003 provides a comprehensive solution for change and configuration management for the Microsoft platform enabling customers to improve the security of the Windows environment through rapid and reliable delivery of patches to targeted vulnerabilities in software assets.
| • | Enterprises need to maintain the integrity of their IT environment, without which critical systems may fail, potentially leading to large scale negative consequences throughout the organization. |
| • | SMS 2003 delivers the necessary tools to enable enterprises to stay aware of the latest updates, identify software vulnerabilities, and then quickly and easily retrieve and deploy the update in an accurate, verifiable and controlled manner. |
Securing the Enterprise
Failing to implement a comprehensive patch management strategy could have severe consequences for enterprises—critical business production systems may fail, or security-sensitive systems could be maliciously exploited—all leading to a potential loss in productivity, time, access to business applications and subsequent revenue. SMS 2003 delivers an enterprise proven solution for managing patch deployment, providing a set of tools and processes that enables quick and easy determination of Windows-based systems in need of critical updates, and the ability to test and reliably deploy these updates throughout their environment, allowing enterprises to proactively maintain the integrity of their Windows environment.
Maintain Patch Awareness
With the proliferation of servers and applications, it is increasingly difficult to stay up-to-date on the latest updates needed within the enterprise. Through integration with Microsoft Software Update Services and by leveraging Windows Update technology, SMS 2003 provides enhanced awareness of the latest Microsoft patches for configured systems, enabling enterprises to stay one step ahead of vulnerabilities.
Vulnerability Assessment
Once enterprises are aware of the latest updates, the vulnerabilities of the IT systems needs to be assessed to ensure that only the necessary updates are deployed to the affected systems. SMS 2003 uses standard Microsoft security tools such as the Microsoft Baseline Security Inventory Analyzer (MBSA) and Microsoft Office Inventory Tool for Updates in order to determine applicable updates. This information is stored centrally, enabling the creation of targeted groups for patch distribution. Enterprises can quickly and easily test patches in a representative test environment for compatibility before implementing distribution into production environments.
Streamlined Patch Deployment
The key steps in patch deployment are
| • | Identify vulnerabilities to be addressed |
| • | Acquire the applicable patches |
| • | Determine the systems to target |
| • | Deploy patches reliably |
SMS 2003 integrates these steps into one seamless process through the Patch Distribution Wizard, which walks administrators through the end-to-end patch deployment process. Using the results of the vulnerability assessment as a starting point, the wizard allows administrators to select the most pressing vulnerabilities to be addressed. Patches applicable to these vulnerabilities are then automatically downloaded from the Microsoft website, packaged, and targeted for distribution to a collection of systems identified earlier. SMS 2003 also provides ability to install patches during selected service windows and to control reboots, minimizing disruption to end users.
Patch Compliance Reporting
To ensure that enterprises remain up-to-date with their security status, SMS 2003 provides comprehensive web reports to track vulnerabilities, as well as status of deployed patches. This allows administrators to monitor progress for proactively secure their Windows infrastructure.
Operations and Technology
The Microsoft Solutions for Management Patch Management Using Microsoft SMS Solution Accelerator integrates SMS 2003 with Microsoft Operations Framework processes to provide advice and guidance for deploying software patches and service packs.
For additional information about Microsoft Solutions for Management and Solution Accelerators, see the Improve Platform Manageability Web page.