Patch Management

What is Patch Management?

Patch management is a tedious, manual job that most system administrators desire the least. To add to the misery is the fact that while a certain software version might work very well with your existing setup, a mere updating with latest patches might bring your entire system down.

A simple fact remains that, enterprises can avoid majority of the threats against their systems by diligently patching the vulnerable systems. However, it would not be out of line to say that patch management is a repeating pattern of activity that is minimally effective due to the magnitude of the patching problem. One really cannot put a finger on which vulnerability would be exploited next. A case in example would be: Code Red, Nimda, and as recent as Slammer worm all exploited well - known software vulnerabilities to infect systems.

What does an effective Patch Management involve?

An effective Patch Management would involve following five steps:

The problem: Most of the enterprises have a lean IT team and their time is typically stretched between addressing help desk issues, and trying to keep up with the current business requirements. Recently Information Security and its nuances have started competing for their time as well. In such a scenario, Patch Management rarely features high in their list of priorities, primarily because of being extremely manual and time consuming. The fact that instant returns cannot be seen may also be one of the reasons for its minimal popularity.

How to address this problem? Outsourcing Patch Management provides a clear advantage for the security professionals who struggle to patch their systems in order to protect them. The basic advantages come from productivity gains for end users and administrators, access to the experience, technical expertise of knowledgeable professionals, higher service level commitments and state-of-art infrastructure from the service provider. This gain precipitates in the form of lower cost of ownership. The security of critical IT resources requires not only adopting reasonable precautions for securing these systems and networks but also the ability to monitor and manage the system effectively ensuring that the systems are not breached. Unfortunately, it is not such a simple matter.

- Montu Chandrabhushan Mantha

Understanding VoIP

IP has become an accepted standard for communications over data networks worldwide, and enterprises have successfully implemented it. In 1995, IP found a new passenger, which it had to transport between networks and devices - Voice. Voice can now be packetized and sent over a data network using VoIP (Voice over Internet Protocol) technology. This revolutionary technology is now setting off a new trend - the convergence of voice and data networks. The convergence has also paved the way for a wide array of new applications.

What can Internet Telephony mean for India?

One, there would be substantial cost reductions resulting in real savings in long distance telephone costs which can be extremely important to most companies, especially considering global operations. PC to PC communication will help enterprises in communicating with their regional and corporate (HQ) offices, translating to significant cuts in STD/ISD costs. PC to phone (abroad) will help employees converse with partners or principals abroad at lower ISD costs. Home users will have low-cost voice communication to overseas locations. Value-Added Services: Apart from this, an integrated voice and network simplifies network layout and deployment, which allows more standardization and reduces total equipment needs. Voice & video conferencing, fax over IP, managed voice services, Internet call waiting services, unified messaging services and voice mail. Call Centers can use Web links for their communications, which could be serviced by ISPs offering Net Telephony. For more information, please email to esbmarketing@sifycorp.com