Top Patch Management Solutions

Let’s take a look at some of the top patch management options out there. These solutions were chosen based primarily on the most recent Gartner Magic Quadrant for Client Management Tools.

Gartner noted that BMC, Hewlett Packard Enterprise (now Micro Focus), and Red Hat tend to treat patching as one aspect of managing the overall server life cycle, as opposed to having a tight focus on PCs, laptops and other similar endpoints. Multiplatform server and desktop-focused patching vendors include IBM, Ivanti, Verismic, and Kaseya. For the patching of non-Microsoft applications, a major patch management pain point, Ivanti, Flexera, and SolarWinds are noted as strong by Gartner analyst Terrence Cosgrove.

These are not rigid categories. There is plenty of overlap between them and vendors are steadily introducing new capabilities that blur such divisions.

Jump ahead:

SolarWinds Patch Manager

SolarWinds Patch Manager can automate the patching of Microsoft Windows servers and workstations for both Microsoft and third-party products. It includes a catalog of updates for products such as Google Chrome, Mozilla Firefox and Java. It requires the use of either Windows Server Update Services (WSUS) or System Center Configuration Manager (SCCM).

See our in-depth look at SolarWinds Patch Manager.

Flexera Corporate Software Inspector

Flexera continuously identifies vulnerable applications and applies security patches. It leverages verified vulnerability intelligence to assess over 20,000 applications, drives patch prioritization based on criticality of vulnerabilities and security policies, provides tested patch packages for non-Microsoft applications, and integrates with management tools for patch deployment.

See our in-depth look at Flexera Corporate Software Inspector.

IBM BigFix

IBM BigFix is a collaborative endpoint management and security platform for IT infrastructure and security professionals. It provides real-time endpoint data that can re-image remote devices, distribute and patch software, discover and inventory new assets, assess application usage, and monitor and enforce compliance polices across many types of devices using multiple versions of Windows, Mac and Unix OSes and apps.

See our in-depth look at IBM BigFix.

Ivanti Patch

Ivanti provides several patch management options for Windows, Linux, Unix and Mac and an extensive third-party catalog of software updates. Some came from Landesk, some from Shavlik, Heat, and a long list of other acquired companies.

See our in-depth look at Ivanti Patch.

Red Hat Satellite

Red Hat Satellite is a Linux server management product that helps users control and optimize the lifecycle of Linux operating systems. It works in conjunction with Red Hat Insights, a configuration assessment service that analyzes system configuration state to identify performance, stability, or security risks.

See our in-depth look at Red Hat Satellite.

Kaseya VSA

The Kaseya VSA Software Management module is a patching solution for Mac and Windows operating systems as well as a way to deploy hundreds of third-party software titles. It uses peer-to-peer technology to distribute patches to reduce bandwidth requirements.

See our in-depth look Kaseya VSA.

Micro Focus ZENworks Patch Management

ZENworks Patch Management was inherited from HPE and Novell. It is an automated patch management solution that retrieves and deploys patches. It automates the collection, analysis, and policy-based delivery of patches to endpoints. It provides pre-tested patches for more than 40 different Windows and non-Windows operating systems.

See our in-depth look at Micro Focus ZENworks Patch Management.

Syxsense Patch Manager

Patch Manager is included in Syxsense. It automatically keeps desktops, laptops and remote users up-to-date with security patches and software updates. A subscription includes patching for Microsoft, Linux and third-party vendors.

See our in-depth look at Syxsense Patch Manager.

BMC BladeLogic Server Automation

Patching is a subset of the capabilities of BladeLogic, which also include provisioning, compliance, configuration management, and software deployment. It is normally offered as a platform, but there are options to purchase only the patch capabilities if required. Further features include the ability to stage and test patches before committing them, integration with service desk change management systems, and add-on SaaS services that enable vulnerability management and remediation.

See our in-depth look at BMC BladeLogic Server Automation.

KACE Systems Management Appliance

The KACE Systems Management Appliance offers patch and endpoint management and security and can patch up to 20,000 machines in four hours. Endpoints are automatically discovered and provisioned by vendor, operating system, department, and location.

See our in-depth look at the KACE Systems Management Appliance.

Patch Management Product Feature Comparison

Top Patch Management Providers

Drew Robb
Drew Robb
Drew Robb has been a full-time professional writer and editor for more than twenty years. He currently works freelance for a number of IT publications, including ServerWatch and CIO Insight. He is also the editor-in-chief of an international engineering magazine.

Top Products

Top Cybersecurity Companies

Cybersecurity is the hottest area of IT spending. That's why so many vendors have entered this lucrative $100 billion+ market. But who are the...

Top Endpoint Detection and Response (EDR) Solutions

Endpoint security is a cornerstone of IT security, so our team put considerable research and analysis into this list of top endpoint detection and...

Top CASB Security Vendors for 2021

Any cloud-based infrastructure needs a robust cloud access security broker (CASB) solution to ensure data and application...

Best SIEM Tools & Software for 2021

Security Information and Event Management (SIEM, pronounced "sim") is a key enterprise security technology, with the ability...

Related articles