Network World Fusion had a debate between all the major patch players. The full debate can be seen here.
The very rough summary is that everyone but Shavlik said that patching is part of a larger configuration/security management and their products seem to follow suit. Shavlik on the other hand recons that because patching is so difficult a singular focus is needed.
I tend to agree with Shavlik here. By developing something which just does patch managment with all the dependencies this implies, you will have an extremely complex system. To extend this further is over scoping. Get the more important part, patching, right then use the developed infastructure to provide other services later. This is far closer to the unix philosophy of "do one thing and do it well".
And nobody is doing it well.
The very rough summary is that everyone but Shavlik said that patching is part of a larger configuration/security management and their products seem to follow suit. Shavlik on the other hand recons that because patching is so difficult a singular focus is needed.
I tend to agree with Shavlik here. By developing something which just does patch managment with all the dependencies this implies, you will have an extremely complex system. To extend this further is over scoping. Get the more important part, patching, right then use the developed infastructure to provide other services later. This is far closer to the unix philosophy of "do one thing and do it well".
And nobody is doing it well.
Trackbacks
Trackback specific URI for this entry
No Trackbacks