In computing, a patch is a small piece of software designed to update or fix problems with a computer program. This includes fixing bugs, replacing graphics and improving the usability or performance. Though meant to fix problems, poorly designed patches can sometimes introduce new problems (also known as software regressions).
Patch management is the process of using a strategy and plan to determine which patches should be applied to which systems at a specified time.
However, there is no common way to determine if many UNIX machines are patched to meet compliance standards. There is no common set of commands and tools to patch multiple UNIX machines automatically. Each UNIX Operating System type (Solaris, HP-UX, AIX, RedHat Linux, SuSE Linux) has a different way to evaluate patch information, patch history and a different way to install the patch. This makes maintaining compliance with security standards a complex and labor-intensive task and requires experts for each machine type.
With current technology, the patching of UNIX systems is an inconsistent and potentially error-prone manual process. FIG. 1 illustrates the current manual process. At 102, a new APAR is released. An APAR (Authorized Program Analysis Report) is a request for correction of a defect. In the present application, an APAR is a patch. At 104, a determination is made as to whether the APAR is applicable to the system. If not, at 106, the APAR is closed. If so, at 108, the APAR is searched for and downloaded, at 110, the APAR is installed, and, at 106, the APAR is closed. This makes monitoring and managing patching a time-consuming process.
In view of the foregoing, a need exists to overcome these problems by providing a system and method for monitoring and managing the patch process.