Blaster, SQL Slammer, Code Red, Nimda and of late Sasser are classic examples why patch management has become a way of life.

These worms wreaked havoc in the computing environments across the world. SQL Slammer by far the fastest spreading worm took just 10 minutes to bring the Internet down to its knees. At its peak, which was 3 minutes after its release, SQL Slammer was scanning 55 million IP addresses per second.

The common thing between these worms, all of them exploited vulnerabilities in systems for which patches had been made available well before they struck. The reason why they successfully achieved their target was unpatched systems.

These worms also brought to life another aspect; having an anti-virus solution, a firewall, an IDS is not the cure for vulnerable systems. It is imperative that vulnerable systems are patched before they can be exploited by the malicious codes.

Before going any further let us define what patches are. Estimates for the number of bugs in published software range from five to 20 bugs per 1,000 lines of code. The codes written to correct these bugs are called patches.

The fact now is that the number bugs cannot be reduced as quite a few of them will not be discovered till the software code is released for production. What can be done is; systems can do away with the vulnerabilities these bugs create by patching them the moment the patch is available which in effect will reduce the number of security breaches reported.

Now let us look at another eye opener "It took 11 days to bring the attack rate of Code Red down to 50% and it took 24 hours to bring the attack rate of Nimda to the same percentage." What does this tell us? The difference patching of systems can cause to prevent exploitation of systems by malicious codes.

Despite being aware of such things incidents are still reported. Worms like SQL Slammer and Blaster still cause widespread losses. The reason is patching systems itself throws up big challenges.

Time is the number one challenge. Imagine if you were to patch up 1000 systems with 5 patches each, that would in effect mean applying 5000 patches. Assume each patch takes 5 minutes to apply, that would mean to patch all systems it would take 25000 minutes. Gone are the days when a vulnerability would be exploited a year after the patch for it was released. Today when we look at networks we look at complex architectures, multi-location management, and remote management etc. how does one patch in such an environment? How does one keep a track of the patches released every now and then and that too when the vulnerability exploits are being set loose in a short span of time. How does one keep a track of the systems, which are patched up and with what patch? How does one ensure that the patches are working fine over a period of time? How does one set baseline or get the latest patch status across one's network? Can patches be applied manually on all machines?

So now the next question what does one do? The answer to this question is an Automated Patch Management Solution.

An automated patch management solution is a solution through which one monitors the patch health of the systems, notifies the administrator about the status of the systems and provides the paths and means to deploy patches.

The patch management process has six basic steps.

These steps are followed in a cyclic manner as and when a patch is released.

To summarize the aim of the patch management solution is to secure and protect the network against the malicious codes which exploit the inherent vulnerabilities of the systems, reduce the workload on the administrator of the company so that the administrator can focus on his core area of work and give a complete status of the network thereby eliminating the need to guess whether the systems have been patched or not.