Microsoft revealed an effort to align with systems management vendors to integrate its Software Update Services (SUS) into their frameworks, with the goal of easing Windows patch management installation and configuration.
But analysts said the software giant's motive was jumpstarting stalled adoption of SUS and off-loading security maintenance, as well as upkeep of graying Microsoft products such as Windows 2000 and NT.
Microsoft is targeting IBM /Tivoli, Computer Associates International , HP, and BMC Software, as prime candidates to push out Windows Update, Office Update, and a new Microsoft update product due within a year for add-on products, including SQL Server and Exchange Server, said Jeffrey Jones, senior director of marketing at Microsoft.
"We'll be looking at having [prepackaged installed behavior] identify itself to systems so our tools will discover, in a consistent way, what paths and tools have been installed and what has not," Jones said. "The ideal goal is if we understood (system) requirements and fed that into patch management."
While no agreements have been finalised, a CA executive confirmed that the company was interested in integrating SUS and currently evaluating Microsoft's plan.
Jones said that Tivoli and HP, meanwhile, were on deck for discussions.
"If Microsoft did convince a CA or Tivoli to include SUS into client management systems it would be a great coup for Microsoft," vice-president at research organisation Gartner, John Pescatore, said. But if I was CA or Tivoli I don't see why I would want to,"
Furthermore, several obstacles stood in the way of customers welcoming SUS with open arms and IBM, CA, HP, and BMC accepting Microsoft's overtures, he said.
Pescatore said many people had "reacted badly" to enabling the AutoUpdate in a Service Pack for Windows 2000 and XP on servers and desktops because it required a signature on a licensing agreement that allowed Microsoft to view all software on a PC.
He said that many SUS integrations would not cure patch-management ills for customers that do not run pure Microsoft environments.
"There really hasn't been widespread use of SUS, which is why Microsoft is looking to get it tied in with the 'big guy's' products," Pescatore said. Despite the relative success of niche patch-management players such as Shavlik Technologies, PatchLink , St. Bernard Software, and BigFix, Jones said the need for third-party intermediary products would disappear if customers trust Windows Update more fully.
For that to happen, patch management must be run through a testing and change configuration process and become more tightly integrated with broader systems management and application management platforms, solutions manager at HP OpenView, Chuck Darst, said.
"A lot of people are very nervous about patch management installation - all of a sudden patches popping up," Darst said. "Before [Microsoft] releases something, making sure the patch won't blow up is a really big step for users."
To get patches deployed to the desktop, HP has recruited St Bernard to build a smart plug-in for OpenView, which also works with Novadigm and Altiris for patches.
Some customers have flocked to niche patch-management players due to past failures with Microsoft and concerns about the software giant's patch automation tactic.
"Microsoft has started to go down the path of automating patches and that's a bad idea. It opens up too much opportunity for folks to exploit those channels and put in Trojan code," senior systems security analyst at MCI, James Baird, said.
He would have to see something drastically different tobefore he'd switch from Shavlik Technologies to Microsoft SUS.