By: Matt Sarrel
Managing virtual and physical machines requires a number of tasks to be accomplished on an almost daily basis. One of the most time consuming of these tasks is patch management, which consists of scanning machines for missing patches and deploying those patches in a timely manner. This is critical because patches fix vulnerabilities in operating systems and applications that can potentially be exploited by hackers and virus writers. Once a vulnerability is discovered, the race is on to apply the patch before systems can be exploited. And since vulnerabilities are discovered every day, IT managers can fall into the trap of scrambling to catch up on a daily basis.
Patching was hard enough when we only had to worry about physical machines, but the dramatic rise in the number of virtual machines, and the ability to create and destroy them on the fly, means that now we have to worry about many more overall systems to maintain. And it’s not just patch management – at this point it has become so easy to install hypervisors and virtual machines that the first step is really simply cataloging all of the systems that need to be patched. This process is often time consuming and sometimes further complicated by lack of comprehensive support for multiple operating systems and a multitude of third party applications.
VMware Go is a free cloud based product that helps IT managers assess current physical and virtual infrastructure and roll out new VM’s quickly and easily. VMware Go includes IT Advisor, a guided assessment of your physical and virtual IT infrastructure. This is a great place to start getting a handle on your infrastructure.
Diving deeper, VMware Go Pro adds patch management for Microsoft OS, Microsoft applications, and third party applications from vendors such as Adobe. There is extensive third party application support – I was impressed that on my small test network IT Advisor found 231 applications that needed patching. Scans can be scheduled to run automatically or be launched manually. After the scan is completed, you get a report that tells you which patches are missing on which machine. Patches can be sorted by importance or by machine so you know you’re not missing anything important, plus reports can be exported, viewed and filtered in Excel. Patch deployment can take place automatically or simply by clicking a button.