Skip Links

Network World

  • Social Web 
  • Email 
  • Close

Securing servers

By Joseph Fitzgerald , NetworkWorld.com , 05/03/2004

Editor's Note: This is the first of our new Server Sleuth columns. Each week, the Sleuths will help you crack your tough server-management questions - which you can send them at sleuths@nwfusion.com. See the Server Sleuths bio page for more on our crack detectives.

Q. Securing our servers is our IT organization's biggest concern. With new regulations concerning the protection of data and new viruses popping up almost daily, what can I do to ensure that our servers are up-to-date with the latest patches and service packs? 

Also, can you address the speed vs. security question? Meaning, once I get a patch, to ensure it does not bring down the network, I have to check it to make sure there are no conflicts. If there are, I have to manually make changes to the patch, which drastically increases the amount of time it takes to deploy the individual patch; sometimes by as much as a month. Is there anything I can do to speed up the process to ensure my network is as safe as possible?

I've worked with teams who told me that before they solved it, patch management was a "can't see the forest for the trees" problem.  They spent time and energy tackling each patch or update as a single event, working on a single layer of the configuration, like a single tree.  The problem is that sometimes their solutions affected other aspects of their networking "forest." One tree leans a bit, and others can fall.  Without accounting for the entire environment, patch management can result in instability as patches and updates impact other elements and create disruptions.

The whole software stack must work together, and continue to do so even after reprovisioning or changes.  So patching one aspect of one layer at a time is slow and risky, and frankly not working in the real world. I believe that automation is key to risk avoidance as well as speed.

The fundamental idea is that you need to manage patches holistically.  In other words, you need to look at the full configuration, the entire stack - operating system, applications, content, settings, etc.- to do patch management effectively (getting the right patch to the right system), efficiently (quickly), and risk-free (no disruptions because of unforeseen conflicts when patches and updates are applied across the whole environment).

Partner Content

Explore the Ultrium Edge

The powerful tape technology can address data security with tape encryption as well as long term data protection.

Find out more

Disk and Tape Square Off

Discover what disk and tape really cost -- and which solution provides lower total cost of ownership and optimizes energy use for your organization

Download the White Paper

Don't Fall For The Myths

The Clipper Group explores the truth behind the myths of tape, digging into the misconceptions in the disk vs. tape debate.

Download the White Paper

Will You Add Tape Too?

Over two thirds of disk-only users look to add tape back into storage infrastructure according to recent survey.

Download Survey Information

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed
Get instant email notification when white papers, webcasts, executive guides are added to our library. Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.