Choosing a Patch Management Solution

Updating software is now commonplace in the IT industry, and many believe it’s a solved problem. Yet plenty of organizations still struggle to keep systems up to date, especially with software updates beyond the OS. And because the data center is the lifeblood of your organization, your security practices must include comprehensive patch management to help keep workstations and servers secure, data readily available, and your business reputation intact.

Patch Management Products

I’ll highlight the two most popular patch management solutions in the market today.

  • Microsoft SCCM

A centralized patch management solution from Microsoft used to patch all Windows-based servers and workstations in the organization. It also patches Microsoft applications like Office.

On its own, Microsoft SCCM does not patch Linux and Unix-based systems. Neither does it patch third-party applications (non-Microsoft apps) like Adobe Flash, Adobe Reader, Java, iTunes, Google Chrome and Firefox browsers, etc.

However, a plugin or add-on can be integrated into Microsoft SCCM to enable it to patch non-Microsoft apps.

  • Ivanti Patch

Ivanti provides centralized, automated patch management for every system in the organization – from physical servers to virtual machines, Microsoft Office applications to third-party apps, Microsoft Windows-based servers and workstations to Unix systems including Oracle Solaris and IBM AIX. It is the most complete patch management offering in the industry.

Which One to Choose

  • For organizations with an already installed base of Microsoft SCCM, the recommendation is to purchase an add-on/plugin from Ivanti (Ivanti Patch for SCCM) to enable Microsoft SCCM to update non-Microsoft apps in the environment. By so doing, companies can leverage their existing investment in SCCM.

  • For organizations now looking to deploy a patch management solution, the full-blown Ivanti Patch is recommended over the combo SCCM-Ivanti Plugin. With the standalone Ivanti Patch solution, the organization deals with a single vendor for licensing and support issues, reducing administrative and management overheads.


PCI DSS Requirement 6 mandates financial services organizations to implement patch management for all systems and applications in order to protect against malware and threats that exploit security flaws and vulnerabilities.

Given that 86% of reported vulnerabilities stem from third-party apps (according to the US National Vulnerability Database), a patch management solution must fully protect Microsoft operating systems and applications, as well as non-Microsoft operating systems such as Linux/AIX, and non-Microsoft apps such as browsers, Adobe Flash and Reader, Java, etc.

Ivanti Patch solutions provide the most comprehensive offering for meeting all patch management needs in the enterprise.

Next Steps

We provide a range of security solutions, based on Ivanti, to help businesses meet their endpoint protection needs. To discuss this or other cybersecurity needs, call us at +233.54.431.5710 or write to

About Apotica

Apotica, headquartered in Accra, Ghana brings together the best information and communications technologies to help clients grow, compete and serve their customers better.