Protection Suite Enterprise Edition

I have read that Protection Centre is an "appliance" based on 2008 Core Web Edition.  If so, how do patches from Microsoft patches get applied to it?  If this is via the LiveUpdate downloads, how often are these delivered?  We roll out to normal servers as soon as we can so we would be concerned if this couldn't be patched in a similar timescale, or is there a reason it does not need to be?  Can it be AD integrated, so it receives our standard GPOs?

Many thanks,

Ian

Greetings Ian,

SPC 2 is indeed an appliance, and is based on the 2008 R2 Web Core edition.

Due to the locked down nature of the appliance not all Microsoft patches may be relevant, so all released OS patches are tested and validated against the SPC implementation by our QA and Security department.

When a patch is deemed necessary, and has been tested, it is added to a whitelist on the SPC appliance that is updated automatically as often as every 24 hours, or manually after the "Check for Updates" button has been activated in the Software Updates section of the web console.

Once on the whitelist the patch is then download from Microsoft or from an in-house WSUS server and then applied to the base OS.

As we do not currently support AD integration (joining the SPC appliance to a Windows Domain), or patching of the base OS without validation testing first (there are more than seven underlying Symantec technologies working in a finely tuned balance on the appliance), you would not be able to integrate with your GPO policies.

We do not currently have any released information about what patches have, or have not, been applied to the base OS, but it is being done. 

Regards 

Thank you for the swift and complete response.