When I first started working with Windows operating systems, change management was unheard of. Service packs didn't exist until Microsoft released Windows NT, and even then service pack releases were rare. How things have changed. Today, Windows is a highly dynamic operating system with patches being released at a frantic pace. Because of this, the only way to know whether Windows is stable and secure is to keep track of which patches have been applied and when. While it is possible to perform change management tasks manually, having a dedicated change management application helps ease the process.
Here are five third-party change management applications that are worth evaluating:
1. ChangeGear Change Management
2. Numara Patch Manager
Numara Patch Manager helps administrators create baselines that point out which patches should be installed on network workstations. From there you would scan for machines that fall outside of the baseline.
Numara Software Inc.'s Patch Manager is easy to use. It takes a drag-and-drop approach to patch management. If you want to deploy a patch, you can apply it to an individual computer, a group of computers or to the entire network. Furthermore, a complete patch installation process - - including reboots - - can be scheduled to occur outside of business hours.
NetMRI from Netcordia Inc. not only tracks system changes, but also uses built-in subject matter experts to analyze them. It monitors system configurations for configuration and health issues and notifies you about them before they can cause a major problem. This is important because a poorly configured system may not cause any problems today, but if you eventually install an application or a patch that expects the system to be configured in a certain way and it isn't, it could cause major problems. I also like NetMRI because it analyzes a system's configuration and helps you understand the impact of a change on your network.
4. Splunk for Change Management
Splunk Inc. designed Splunk for Change Management to act as a plug-in to the base Splunk application. It consolidates various log files and has a search engine to help administrators locate specific information within the consolidated logs.
Splunk also collects auditing data related to system changes and indexes those audits with other Splunk logs. That way if a system is experiencing a problem, you can cross reference the log entries related to the system's behavior with the change management logs and determine if there is a cause and effect correlation.
5. Security Manager Plus
Security Manager Plus from AdventNet Inc. takes inventory of a network and compiles a list of the various OSes and applications that are in use. Once inventory is complete, it tracks system files and registry entries and monitors them for changes.
When changes occur, Security Manager Plus shows you who made the change and when. If the change was anticipated, you can set the changed file or setting to be the new security baseline so that the new value is taken into account during future security scans. Furthermore, Security Manager Plus can perform traditional patch management tasks. It scans the computers on your network for missing patches and service packs and provides you with a remediation report that details the steps to take to make your network more secure.
ABOUT THE AUTHOR
Brien M. Posey, MCSE, has received Microsoft's Most Valuable Professional Award four times for his work with Windows Server, IIS and Exchange Server. He has served as CIO for a nationwide chain of hospitals and healthcare facilities and was once a network administrator for Fort Knox. You can visit his website at www.brienposey.com.
This was first published in March 2009