All software must be kept patched. Server and network administrators must constantly be on the alert for software vulnerabilities, and they must evaluate and install patches as soon as the patches are released. However, not all patches are necessary; administrators must first be sure that their systems need the patches. Also, some patches can cause more trouble than they are worth. If possible, test patches on a non-production system before installing them on critical servers.