View Only

VUM Windows patch set vs. SCCM Windows patch set

  • 1.  VUM Windows patch set vs. SCCM Windows patch set

    Posted Mar 24, 2010 03:13 PM

    We've historically used MS SCCM to keep Windows servers patched. Our patch baseline has always been defined as all patches with severity ratings of "Critical" and "Security". Now that we're 80% virtualized, I'd like to use VUM to patch vm's, then take a second pass with SCCM to patch physical servers.

    The problem I've encountered is that VUM and SCCM don't seem to agree on the baseline selection criteria. I haven't done a complete comparison between the two baselines, but it appears that SCCM's baseline set includes updates not found in VUM's baseline set. Since we use SCCM to report baseline compliance, I suspect vm's updated with VUM will still show as non-compliant.

    Has anyone taken a look at this? Any thoughts on how to reconcile the two baseline sets?