Windows 2003/R65 OS patch management

[vbavbalist]

Hi,
I have 2 hardware which on both Windows 2003 Server and R65 is installed. Also DNS server on both systems are working on to host the companies domains.

For a long time the main firewall is working online. But this weekend i need to make the backup fw the same as the main one. I have exported the CP configuration and imported to the backup one, thats ok. But I need also the check the DNS entries and the patch of the OS itself. So for this time and generally what do you offer for the patch management of the OS firewall running on?

Regards

[mcnallym]

Any old Windows Patch Management Software would do.

If you are going to run your Check Point on Windows (and I wouldn't personally) then there are lots of existing Windows Patch Management products available ranging from Microsoft WSUS right the way upto Microsoft System Center.

I can't imagine a Microsoft environment not having some form of existing Windows Patch management, especially as WSUS is free.

I take it that as you have exported the cp config from one to the other that the 2nd box is an offline backup ready to go if the live firewall breaks.

Also if you MUST keep your check point on Windows at least move the DNS Server off the box. Your firewall really should be a single purpose box.

Is there a reason, other then the DNS Server running on the box that you don't use Secure Platform as you really don't have to be a linux expert to use it.