There is no silver bullet for patch management and solutions are emerging from multiple industry areas, making it hard to figure out the best course of action. To help put it in perspective, we're challenging a batch of vendors to participate in an online Network World Virtual Showdown "How best to patch" the week of Nov. 15.
The controversy swirling around Microsoft's recently released Windows XP Service Pack 2 serves as a simple reminder that the patch problem remains at the core of network security.
There is no silver bullet and solutions are emerging from multiple industry areas, making it hard to figure out the best course of action. To help put it in perspective, we're challenging a batch of vendors to participate in an online Network World Virtual Showdown "How best to patch" the week of Nov. 15.
We want to hear from these vendors in three categories:
Pure-play patch management players Shavlik and Big Fix: Vendors offering patch point products tend to be innovators. But to stay competitive companies in this sector have to expand their scope to offer more security or management features. Will it be enough?
Server and desktop management vendors Altiris and Configuresoft: Companies in this segment argue that vendors of point products don't see enough of your assets to tell if patches will cause more problems than they solve. They also argue their products scale better and are catching up to point products in terms of features. But can general-purpose tools compete?
Vendors that couple vulnerability scanning with patch management, Citadel, Symantec: Given patching is all about security, the security vendors argue they have a leg up because they live in the trenches. But patching is relatively new to them (Symantec bought On Technology to make a run at this), and they are playing catch-up on the management side. Do they have a chance?
Vendors need to confirm their participation by Oct. 11.
We'll launch the online debate Nov. 15 with vendors' answers to questions from Network World Senior Editor John Fontana, Senior Writer Denise Dubie and guest expert Felicia Nicastro.
Nicastro is a principal consultant with International Network Services, a professional services consultancy. She holds CISSP and CHSP certifications and is author of the forthcoming book Curing the Patch Management Headache.
On Nov. 16, we'll open the forum to let the vendors question each other. This typically is the liveliest part of a Showdown because vendors know their competitors cold and can hone in on technical details that matter.
On Wednesday to Friday, we'll throw open the doors to everyone, letting readers post questions and giving the vendors a last opportunity to trade barbs.
So plan to join us the week of Nov. 15 for the launch of what should be an informative debate.