I've been using OS X since it came out, and have upgraded through all
versions to the latest version. In all this time, I've had software
updates basically just automatically running, with some exceptions for
things I knew I didn't need. In the past few years that I've been doing
this I have only twice seen any issues with an update. So unlike the
windows patch and pray cycle, it's one thing that apple does very well.
They're not perfect, but they don't drop bombs on you with anything like
the regularity that MS has. (I also use windows, when I have to, which
thankfully is a declining trend). So, not to start yet another boring
platform flame war (please don't bother), but just to let you know what
my experience has been on both platforms. If you have just a few of
them, I'd just let them auto update and deal with any rare issues as
they arise.
I think it would be a great idea for the campus to have a campus-wide
update server, if one doesn't already exist.
-Jay
Mike Patterson wrote:
> We're working on our Mac patch management strategy/tool use. 99% of
> our desktops are windows and we are more familiar with supporting
> those. We've been using a monthly "Patch 2nd Tuesday" cycle using
> WSUS for windows, internal security scans/RHN/newsgroups for linux/bsd
> servers, and manual "software update" on OS X desktops. We also
> process pressing security alerts out of that cycle when needed.
>
> Is anyone using System Update Server for Mac OS X?
> http://www.apple.com/server/macosx/features/softwareupdateserver.html
>
> Can you set your clients to automatically install approved updates
> like you can with Windows SUS/WSUS? Does it needs to run on a actual
> apple server as oppose to serving flies from a different bsd box? Is
> there a campus Mac SUS server available for campus clients to use
> (it's overkill to run our own OS X server for this)?
>
> While our windows desktops need patches constantly, at least we have
> our WSUS server and policies to automatically install the patches we
> approve and report their status.
>
> We have a small number of Mac desktops, but visiting each workstation
> and approving updates is a hassle. I suppose we could enable ssh and
> run softwareupdate from the command-line... possibly we could set a
> cronjob to email us automatically if downloaded updates are waiting
> for install (since we are out of touch OS X updates)...
>
> What are other people doing?
>
> Thanks,
> Mike
>
> ------------------------------------------------------------------------
> The following was automatically added to this message by the list server:
>
> For information about Micronet, including subscribing to
> or unsubscribing from its mailing list and finding out
> about upcoming meetings, please visit the Micronet Web site:
> <http://micronet.berkeley.edu/>.
>
-- -Jay Bryon Senior Network Engineer, CNS U.C. Berkeley jay@berkeley.edu 2-5636 ------------------------------------------------------------------------ The following was automatically added to this message by the list server: For information about Micronet, including subscribing to or unsubscribing from its mailing list and finding out about upcoming meetings, please visit the Micronet Web site: <http://micronet.berkeley.edu/>.Received on Fri Mar 17 09:00:24 2006
This archive was generated by hypermail 2.1.8 : Fri Mar 17 2006 - 09:00:24 PST