Let's face it: although you may use Microsoft System Center Configuration Manager (SCCM) for managing your physical and virtual workstations, when it comes to patch management and software distribution of non-Microsoft updates, things can get complicated.
Yes, you need to use Windows Server Update Services (WSUS) for patching, and System Center Updates Publisher (SCUP) to import third-party software catalogs. And you only get a bare minimum of pre-built and tested third-party software packages for deployment with SCCM.
This means there are more management systems to handle, more manual effort, and certainly a huge toll on administrative and troubleshooting person-hours.
SolarWinds Patch Manager extends the power of Microsoft SCCM to help you keep your desktops, laptops, servers, and VMs patched and secure with the latest patches for both Microsoft and other third- party applications. With Patch Manager, you’ll save a ton of time by deploying patches for third-party applications right along with your Microsoft patches, eliminating the need to use SCUP.
Here are the top 13 reasons why you need to have SolarWinds Patch Manager added to your SCCM deployment. 13 may just turn out to be your lucky number today!
|#||Reason||Microsoft SCCM||SolarWinds Patch Manager|
|1||Patching Microsoft Software Updates||Yes||Yes via WSUS or SCCM|
|2||Patching Non-Microsoft 3rd Party Software Updates||Limited By using Microsoft SCUP||Yes|
|3||Visibility into Application Inventory||Yes – For System Center Essentials (SCE) environments which uses WSUS natively. Enable the use of the WSUS/WUAgent. The Extended Inventory collection tool, includes software and hardware inventory.||Yes – Microsoft & other 3rd party applications, hardware inventory, disk space & other metrics|
|5||Reporting Visibility into Patched & Unpatched Systems and Software||Requires some knowledge of SQL programming as well as administration of SQL Server Reporting Services (SSRS).||Yes – Granular Visibility. Custom reporting requires no SQL programming or scripting|
|8||Notification of Failed Updates||No||Yes – Provides information via the client log file as to why the update failed.|
|9||Patch Scheduling||Yes||Yes – Push patches at discrete times to accommodate different time zones and network impacts of patching large numbers of endpoints.|
|10||Wake-on LAN for booting target systems for patch management||Yes||Yes|
|11||Third-party Pre-built & Tested Packages||Limited – Only for catalogued patches||Yes – For many common applications|
|12||Custom Package Creation||Yes – Requires SCUP||Wizard driven Package Creation Wizard for complex before and after deployment scenarios|
|13||Client Health Diagnosis & Remediation||Yes – Client Health Data||Yes – Repair WMI, WUAgent, and Configuration Manager Agent|
WSUS is an excellent tool, but it lacks the ability to effectively schedule patches and report on patch status and inventory.
Despite using SCCM, when it comes to patch management and software distribution of non-Microsoft updates, things can get complicated.
The time between the discovery of an operating system or application vulnerability and the emergence of an exploit is decreasing.