ON iPatch Locates Unpatched Systems

Symantec's ON iPatch is an easy-to-use patch management platform for midsize Windows-centric businesses.

Symantecs ON iPatch is an easy-to-use patch management platform for midsize Windows-centric businesses. However, although ON iPatch is a good deal for customers, bundling a few of Symantecs management and security solutions, the company adds little value to the base product.

Version 1.1 of this agentless patch management solution, released last month, is really an OEM edition of Shavlik Technologies HFNetChkPro. ON iPatch 1.1 is priced at $22.20 per seat for as many as 250 managed hosts or $16.40 per seat for 2,000 or more hosts, and it includes a one-year maintenance agreement.

Other than a fresh coat of yellow paint, ON iPatch looks and handles like its Shavlik progenitors. In no time, I was scanning and pushing patches to Windows 2000, Windows Server 2003 and Windows XP-based test devices alike. I also used ON iPatch to push Service Pack 2 to Windows XP-based machines. Although initial deployment went smoothly, rescans of the upgraded client failed due to the newly activated Windows Firewall.

/zimages/6/28571.gifClick here to find out why SP2 may spell trouble for agentless patching.

ON iPatchs agentless architecture relies on remote scans from the central console, so I had to readjust my Windows Firewall policies to accept network requests from the console via Port 139 for scans to work.

Symantec is working to include ON iPatch in the Windows Firewall exceptions list to avoid this problem in the future, Symantec officials said.

For more information, check out www.symantec.com.

/zimages/6/28571.gifCheck out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

/zimages/6/77042.gif

Be sure to add our eWEEK.com Security news feed to your RSS newsreader or My Yahoo page