Product to manage 3rd Party Patches?

thomasguidry
New Contributor

Does any know of, or use, a product that manages 3rd Party Patches for the Mac Platform?
I know of Secunia(http://secunia.com/vulnerability_scanning/) for the windows side, but all it does for the mac side is patch scanning, not actual deployment.

7 REPLIES 7

Matt
Valued Contributor

Munki

http://code.google.com/p/munki/

rockpapergoat
Contributor III

it depends on what you mean by "manage," but munki should fit the bill. you're posting in a casper forum, so you can also use casper to do this. munki is smarter about the process, though.

Matt
Valued Contributor

I was going to go the route of Munki with Casper as well but with the App Store changing the game, I am going to hold off.

thomasguidry
New Contributor

Casper doesn't do a very good job of patch management imo. Its not the whole puzzle, its only a piece of a puzzle. You can't do patch management with Casper without some other product acting as a repository for the patches. (SUS or otherwise) I'm not looking to download software patches for a few thousand apps and create packages for them to be pushed down. The point is to automate it.

CasperSally
Valued Contributor II

agreed. I couldn't find an existing feature request - so I added one. Feel free to vote it up/comment.

https://jamfnation.jamfsoftware.com/featureRequest.html?id=662

mm2270
Legendary Contributor III

This has always been Casper's achilles heel, or part of it anyway. In truth though, there are no products out there for the Mac that do what you're looking for to my knowledge, or, if there are, they are more PC/Windows centric with some Mac capability, but usually half broken or unintuitive.

In some environments, having an Apple SUS and an Adobe patch management server can take care of the major software pieces, but there is nothing that will help you automate downloading and distributing all patches for all software across your systems. Part of the issue is that some vendors don't adhere to a standard installer method. Some are PKGs, some MPKGs, some are DMGs with an executable inside (Firefox, e.g), and some yet are custom installer processes. So I'm not sure how any product would really manage all the different possibilities out there without breaking somewhere along the line.

In short, its a tall order.

CasperSally
Valued Contributor II

integrating OS and Adobe would be something to start with. I guess Flash auto updates itself now so may be less of an issue for some, but we certainly disable that so we can test updates first.