The Yellow shield that’s always there
I’m probably the only business owner of an R2 box that sees that. It’s the nearly daily “Yellow Shield” I get in the daily monitoring email that tells me that I probably need to go into the console and approve the Defender update. Or the IMF update. Or the Forefront update. Or whatever future product may have a defintion change. Lord help the firm that installs an Exchange 2007 box behind a SBS 2003 R2 system as those 2007 IMFs come out ALL THE TIME . And why am I the only business owner that sees that? Because every var/vap I talk to that controls R2 boxes say that they don’t send that email to the client. They can’t. There’s no advertised “Green Check of health” in the box. They’ve all said they’ve stopped sending the emails to the clients as it leads to questions they can’t answer.
When I blogged about the Best practice of setting Defender Updates to auto update that an R2 box can’t do I forgot about two others…. Exchange IMF updates and upcoming Forefront updates.
So here’s this box that advertises as making patching easier…. and quite frankly in this area it makes it harder. Someone was asking me the other day “So how can I position patch management to make money for a business”…. and I had to stop and think and honestly say… it doesn’t. And especially not when you’ve got either a var/vap or an in house guy having to rdp to the server on a near daily basis and approve the defintion files. Not to mention, it puts the firm at risk should someone not be there to do this.
And what are larger, more cost conscious var firms doing? Not using the R2 WSUS and instead using Kasaya or other tools to patch and control.
Because every time that yellow shield shows up…. it costs.
Which is why most have stopped sending it to their clients…..because it’s a visual evidence that patching costs….. too much on an R2 box.