Hi Craig, I did a POC on Landesk and BigFix and looked into Shavlik. All were compelling in the notion of "one stop for patch and vulnerability/configuration management" plays. Shavlik was Windows only, and we wanted *nix management or at least patch/vuln identification. I did these about... oh, 6 months ago.
BigFix's GUI was sorta awful and depressing. Their underlying technology, though was impressive they had a very flexible language for defining things. They'd be ok. But IBM sure has a certain way with acquisitions that makes me dimmer on their future insofar as future innovations are concerned. If you've ever used a Tivoli GUI or Lotus Notes, you can surmise how quickly my GUI gripes are likely to get resolved on BigFix. LANDesk looked pretty compelling and was probably my favorite. But it's best leveraged when your admins want to sort of live in their world of systems management, though. In the end, once we got our hands on quotes that both hit the six figures, we opted to keep doing what we were doing with Microsoft SCCM, and *nix patch mangement (and perhaps consider Shavlik's third party SCCM updates to deal with the Adobe/Apple/Java scourges), and spending about half of that on a real vulnerability management package to do credentialed scanning to identify the gaps where the patching tool isn't getting the job done. Overall, this approach is much cheaper for us, gives the Windows patch folks the tool they're used to, keeps the *nix folks in the world they're used to, but gives the security team _exactly_ what they want to measure and drive remediation of risk in the environment (i.e. a real full featured vuln scanner that can do network based as well as credentialed scanning). It depends on your environment though, what makes sense for you, but I will concur that BigFix and LanDesk are both work looking at. -- Todd Haverkos http://www.linkedin.com/in/toddhaverkos Craig Freyman <[email protected]> writes: > Let me know what you think of it after you've had some time to kick the > tires. > > -C > > On Tue, Jan 25, 2011 at 1:19 PM, Leslie <[email protected]> wrote: > >> I am starting to roll out the use of LANDesk Patch Manager but need to get >> it configured and setup. >> >> >> >> Leslie Luck >> >> >> >> *From:* [email protected] [mailto: >> [email protected]] *On Behalf Of *Craig Freyman >> *Sent:* Tuesday, January 25, 2011 10:00 AM >> >> *To:* PaulDotCom Security Weekly Mailing List >> *Subject:* Re: [Pauldotcom] Favorite Third Party Enterprise Patching >> Server? >> >> >> >> Anyone use LANDesk Patch Manager? >> >> On Mon, Jan 24, 2011 at 6:28 PM, Jeremy Pommerening <[email protected]> >> wrote: >> >> I'm using BigFix after trying Lumension and hating it. BigFix rocks! At >> least for the moment. IBM swallowed them up so expect that it will get >> worse but for now it's fantastic. You can use BES Relays for the slow links >> basically designating a workstation at each site as the patching server for >> a group of computers. >> >> Jeremy Pommerening >> CISSP,GCFA,GPEN,GAWN,GCFW, >> MCSE Win2K, MCSE NT4 >> >> --- On *Mon, 1/24/11, Steven Sumichrast <[email protected]>* wrote: >> >> >> From: Steven Sumichrast <[email protected]> >> Subject: Re: [Pauldotcom] Favorite Third Party Enterprise Patching Server? >> To: "PaulDotCom Security Weekly Mailing List" < >> [email protected]> >> Date: Monday, January 24, 2011, 12:46 PM >> >> >> >> We are using Lumension PatchLink for Linux/Windows. I've only had to >> deal with it now for a few months, but I think the general consensus >> is we're not too thrilled with it (from a compliance standpoint). It >> does an ok job, but we think there are probably better solutions out >> there. >> >> On Mon, Jan 24, 2011 at 10:01 AM, Jack Daniel >> <[email protected]<http://mc/[email protected]>> >> wrote: >> > I was always a big fan of Shavlik, but it depends on your environment. >> > Shavlik does a great job on the Windows side, but I don't think they >> > have moved into other platforms. They do support a huge number of >> > third party apps, and they have a 14 day (I think) trial so you can >> > play with it. >> > >> > BigFix seems to be very popular with larger and more mixed >> > environments- but I've never used them myself. Someone here must >> > have, though... >> > >> > Jack >> > >> > >> > On Mon, Jan 24, 2011 at 9:21 AM, Craig Freyman >> > <[email protected]<http://mc/[email protected]>> >> wrote: >> >> What is your favorite third party enterprise patching server? I'll need >> some >> >> sort of distributed model because of slow WAN links and multiple >> locations. >> >> I'm curious to see what you all use and why you like it. >> >> Thanks, >> >> Craig >> >> _______________________________________________ >> >> Pauldotcom mailing list >> >> [email protected]<http://mc/[email protected]> >> >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> >> Main Web Site: http://pauldotcom.com >> >> >> > >> > >> > >> > -- >> > ______________________________________ >> > Jack Daniel, Reluctant CISSP >> > http://twitter.com/jack_daniel >> > http://www.linkedin.com/in/jackadaniel >> > http://blog.uncommonsensesecurity.com >> > _______________________________________________ >> > Pauldotcom mailing list >> > [email protected]<http://mc/[email protected]> >> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> > Main Web Site: http://pauldotcom.com >> > >> _______________________________________________ >> Pauldotcom mailing list >> [email protected]<http://mc/[email protected]> >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> >> >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> >> >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com -- _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
