We recently caught up with Randy Bowman to learn more about how Shavlik helps him in his role as network engineer for the Presbyterian Church of the USA in Louisville, Kentucky.
The System: The Presbyterian Church of USA licenses Shavlik for 50 servers with 450 endpoints disbursed in Louisville and Stone Point, New York.
The Team: Consists of a two member networking team that takes care of the servers and server patching on a monthly basis as well as a team member that administers desktop support. The desktop team member also takes care of patching the individual computers, which frees up network staff.
Q: Shavlik: What motivated you to look for a security solution?
A: Randy Bowman: About 8 years ago I came on board after some significant staffing changes. For practical reasons we did not have very much available in the way of documentation. We had to make up for lost time in our patching and we ended up getting a virus. The result was that we were down for three days.
Q: Shavlik: How did you come to use Shavlik?
A: Randy Bowman: One thing I took on as legacy software was UpdateEXPERT (Shavlik acquired UpdateEXPERT in 2007). From there it was an easy transition to Shavlik Protect. We find it makes things a lot simpler for us. It allows us to patch several servers at one time and patch them in the evening when they are free of traffic. We have the flexibility to reboot the servers or do them manually. If the server is open we can throw on the patching right then and there and have it reboot.
Q: Shavlik: What made Shavlik so appealing?
A: Randy Bowman: Time savings. Being able to quickly implement the patches and download them when they come on Patch Tuesday is a huge benefit. We usually wait until Friday or wait for a notification from Shavlik saying it’s okay for the patches to be installed. Here we’ve got 50 plus servers. I can patch half one night and half the next night, and that would be the first patch. Even if it takes two passes to go through and get a server completely patched, it still saves us time. We are patched in less than a week, where before we would have to do some even manually. Patching is a piece of cake really. In comparison to what we’ve had before, it saves us so much time. Another thing is, if there’s an agent that needs to be on the server like if you brought a new server out, even if it’s just a test server, you can open Shavlik and tell it to push the new agent and BOOM it’s done.
Q: Shavlik: Once you chose to use Shavlik, how long did it take you to get up and running?
A: Randy Bowman: In 2 days we had it going. It actually would have taken 1 day but we were having some separate technical issues with the servers that caused delays.
Q: Shavlik: For this installation, did you have people helping you or was it just plug-and-play?
A: Randy Bowman: It was plug-and-play, more or less. A fellow network engineer did the last upgrade to 9.0. He was on the phone with support and got it done in an hour.
Q: Shavlik: What is your favorite Shavlik feature?
A: Randy Bowman: I like how you can go through and scan the machines in a machine group and it will tell you how many patches are missing. You can run the report and in 5 minutes you’ve got results emailed to you about what patches are missing. When it comes to critical security patches, we sat down years ago and decided this is what we need. It’s easy for Shavlik to go through and look for these and let us know what’s patched and what’s not, and if it’s critical or not.