Last week I had the pleasure of interviewing Brian Lemoine, Senior System Administrator at Guaranty Bank & Trust. Guaranty Bank is a community bank in South Louisiana with 5 locations, 70 computers, servers, virtual server and ~45 users.
JK: How long have you used SolarWinds Patch Manager, and what applications do you patch today?
BL: Our bank has been using Patch Manager for 3 months. We patch all the Windows applications - Office, Server. Now that we have Patch Manager, we patch Flash Player, Java, Adobe Reader, Firefox, and we also publish the Dell driver updates.
JK: Before you started using Patch Manager, how were you patching?
BL: We had a WSUS server but that didn’t work very well. It was cumbersome and a pain to fool with. We had some applications that did not get updated at all. Flash and Java were updated on an as-needed basis if someone called in with a problem. We had some people who were running Adobe Reader 8, some with Adobe Reader 10 and everything in between. It was kind of a mess and there was no way to keep up without going to each machine.
JK: How long did it take you to patch your environment using WSUS?
BL: It was a never-ending process. Pretty much all my free time was devoted to patching. Since I’m a one man band, I don’t have much time to begin with. Being a bank, we have really busy machines and these would hardly get updated at all.
JK: What was the straw that broke the camel’s back that caused you to start searching for a more robust patch management solution?
BL: In October last year, we had a state regulatory agency IT audit from the OFI (Office of Financial Institutions). One of the recommendations was to get patch management under control – it was not up to snuff. At that time, I also worked after-hours for a private school and we were using DameWare for remote administration, which worked really well. That is how I found out about SolarWinds and Patch Manager.
In addition to Patch Manager, we looked at Kaseya, which our consultant recommended, and we also looked at Microsoft System Center Configuration Manager. We tried out all 3 products and the reason we chose Patch Manager was that it just worked – it was easy to set up, easy to understand - it just worked! The others were difficult to set up and get going.
Kaseya was too slow because the patch client was on each computer, and we would connect through the Internet to the server at our consultant. Our consultant has a managed service offering using Kaseya.
JK: How much time does it take to patch your environment with Patch Manager?
BL: It (Patch Manager) cut it down next to nothing. I can schedule it to do everything and anything. For example, today I deployed IE 10 for Windows 7 which came out on Tuesday. I set up a schedule to deploy the patch and it only took me a couple of minutes.
JK: You mentioned you had an IT audit recently. How did it go?
BL: Every year we hire an independent audit firm to perform an IT audit – all banks are required to do this (FDIC/OFI). This last auditor was out of Texas, and he audits banks all over the country. He was very, very impressed with Patch Manager. He made a comment that he has audited banks that have purchased patch management software for $20,000 and it did not work half as well as Patch Manager. We purchased Patch Manager for $700 – it was a steal.
The audit process was really easy. The reports were already built in – like the update status on machines – and it took just a couple minutes to run the reports. In the past I would spend hours on producing reports for the auditors.