Currently we are developing a framework for our patch management policy and processes. SMS 2003 with the SUS Tool is the vehicle to make this happen. With the countless options available for setting advertisment and package creation, we are in a search for what others have currenlty deployed.
I have not been able to find any documents stating what Microsoft recommends for package creation and advertisements. They indirectly recommend creating one large package that contains all approved software updates/patches for all machines. They appear not to recommend breaking packages out based on OS / Application Type or based on patch severity levels. Administratively I could see this as being a nightmare.
As far as advertisements, how do you perform your schedules? Are they always mandatory based on the patch severity level? Are they reoccurring with no expiration ? Do you run them as soon as possible or scheduled?
Any feedback would be excellent.
Matt
I have not been able to find any documents stating what Microsoft recommends for package creation and advertisements. They indirectly recommend creating one large package that contains all approved software updates/patches for all machines. They appear not to recommend breaking packages out based on OS / Application Type or based on patch severity levels. Administratively I could see this as being a nightmare.
As far as advertisements, how do you perform your schedules? Are they always mandatory based on the patch severity level? Are they reoccurring with no expiration ? Do you run them as soon as possible or scheduled?
Any feedback would be excellent.
Matt