October 15, 2004

'Swiss army knife' software tools not right for patching specific IT problems

Author: Ian Palmer

Traditional patch management solutions are better at
installing software than they are at patching and
upgrading, according to a recent Yankee Group report
that recommends comprehensive rather than piecemeal
approaches to fixing vulnerabilities in applications.

In another study, security firm Symantec revealed that
it documented over a six-month period almost 4,500 new
Windows viruses and worms, more than 4.5 times the
number recorded during the first six months of 2003.
Symantec's sixth biannual report on Internet attacks,
vulnerabilities, and malicious code activity from Jan.
1, 2004 to June 30, 2004, also finds that the time
between the announcement of vulnerabilities and the
release of applicable exploit codes was just 5.8 days.

PatchLink, which provides solutions it says can help
businesses to patch vulnerabilities before hackers can
take advantage of security holes, is one of the many
companies providing patch management options.
PatchLink's Internet-based solution not only scans
networks for security holes and then closes them, but
also works with all Microsoft, UNIX/Linux, Novell
NetWare, and Mac OS X operating systems.

The company counts among its customers NASA, which has
reportedly purchased more than 120,000 nodes for its space
stations. Because every space station has its own set
of PatchLink servers, the task of patching all of the
servers isn't left in the hands of a single person
but is instead placed into the hands of numerous
persons at the various offices.

Sean Moshir, CEO of PatchLink in Scottsdale, Ariz.,
said it's important for companies to find the right
solutions to do a proper job the first time around.
The "Swiss army knife" approach to addressing
problems, he added, won't cut it.

"There are Swiss army knives and there are tools for
specific jobs," he said, explaining that if businesses
don't have the right patch management systems in
place, they could end up with compromised systems that
would cost them large sums of money to fix. "We
believe it's important to have the right tools for the
right jobs. You need to make sure the product is not a
Swiss army knife -- able to do 50 things but none of them
well. Depth of product is extremely important."

Effective patch management means testing patches and
delivering them securely added Chris Andrew,
vice-president of product management at PatchLink. If
a big vulnerability hits, he continued, businesses
that get their patches from vendors such as Microsoft
may be left depending on solutions providers that are
themselves adversely impacted by the vulnerability.

"If you look at companies, you find that they download
patches from Microsoft," said Andrew. "We deliver
patches from our PatchLink server. Patch management is
about getting holes fixed in the network ahead of

Greg Davoll, senior product manager at NetIQ, a San
Jose, Calif.-based company involved in the patch
management realm, pointed toward the world's largest
software company when talking about one of the key
market drivers prompting firms to take patch
management seriously.

The number of security bulletins being issued by
Microsoft, he said, makes it increasingly
difficult for businesses to independently keep up with
their patching requirements.

"By minimizing vulnerabilities, you're minimizing
risks," said Davoll, adding that his company is
pushing for cross-platform compatibility, starting in
the first half of 2005 with Red Hat Linux
compatibility. "They've learned that unplanned outages
are expensive."

Ian Palmer is a free-lance IT writer based near Toronto.

Click Here!