Does anyone know of a patch management system that will allow us to control the roll out of patches, specifically for Windows but Linux would be nice too, that can use a date to limit whether a patch is rolled out.
Patch to date set to 2012-06-10
So all patches released up to 2012-06-10 will be offer to requesting client. Any patches released after 2012-06-10 will be hidden/not offered until the "Patch to Date" is moved forward.
Production IT | Vision Critical
New York | London | Vancouver | Paris | Sydney | Chicago | San Francisco | Toronto | Montreal | Calgary
I am unsure of some details but will blindly suggest you look at
wpkg.org as a method of deployment for Microsoft Windows products.
There are a number of different solutions depending on your environment and how much you might be prepared to spend.
A few that spring to mind:
PatchLink, works with Windows and RedHat, not sure if they sorted out CentOS support. I've used PatchLink in the past for managing patch deployment to several hundreds of servers, (split up into groups for a final bit of paranoia).
ManageEngine have tools, but I believe that's Windows only.
RedHat have Satellite that patches and a whole lot more but that comes at a premium. There is also SpaceWalk from them: http://spacewalk.redhat.com/ that manages RedHat, CentOS and Scientific Linux patching.
I don't know of a good software product that does *both* Windows and
RHEL/CentOS, but for Windows, have you looked at Microsoft's WSUS ?
For RHEL/CentOS, use Spacewalk .
Hope that helps!
If you're using Active Directory I think you can actually do that with
the Policy Manager thingy, but i'm not really a windows guy to be