You got at least one answer on the same day you asked the question, so it did go through. You can always update your options to always send yourself a copy of anything you submit, if that will give you more confidence.
Our company policy is that all systems must be patched every quarter. A risk and severity assessment is done by our Information Security organization on every security vulnerability that is announced by a supplier. Based on the results of that, we may be required to install a patch within 30 days, etc. Every two weeks would seem rather excessive for patching every system, regardless the severity. We use the command-line version of online_update to do patching. We have Opsware agents installed on every system to allow us to initiate the patching from a centralized server. Unfortunately, Opsware doesn't run on Linux/390. Levanta, Aduva's Onstage, BMC's products, etc., should all allow you to do the same thing. None of them are inexpensive, however. Mark Post -----Original Message----- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of Levy, Alan Sent: Sunday, March 12, 2006 10:35 AM To: [email protected] Subject: Patching Servers I submitted this last week but I'm not sure it went through. I have a number of linux servers on our IFL (sles8 and 9). I have been told by our security group that I have to patch these servers at least once every 2 weeks. Previously I was patching them every 2 months. My question is: How are you patching your servers (yast online update, auto update, 3rd party product, etc) and how often ? I was also told to investigate Novell's zenworks to see if it would work on S390. Does anyone have any experience with this product ? Are there other products out there that do the same thing ? Thanks. ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
