Patch Management In The Enterprise, Part II

Introduction

Systems Management Server 2003

Systems Management Server 2003 (SMS2003) was a huge step forward for Microsoft when compared with previous versions of the product. Most long-time users of SMS are familiar with its core features, such as software deployment capability, hardware and software inventory, and software license monitoring. The most significant improvement in SMS2003 is the addition of security patch management functionality. Through the use of the Microsoft Baseline Security Analyzer (MBSA) and the Microsoft Office Inventory Tool, SMS2003 is able to provide vulnerability analysis for the first time.

SMS2003 is an agent-based solution that requires client-side software to be installed on each managed workstation or server. Through Active Directory discovery, whenever a machine is added to the domain, this client software is installed automatically.