X

Updating Windows Instances Using the Oracle Cloud OS Management Service

Julie Wong
Product Management Director

Staying up to date on operating system (OS) patch management is critical for protecting systems from known vulnerabilities and preventing costly unplanned downtimes. An added benefit for Oracle Cloud Infrastructure subscribers is the OS Management service, which is available at no additional cost. The OS Management service enables Oracle Cloud users to automate common OS management tasks, such as patching for Linux and Microsoft Windows operating systems.

One of the most important benefits of automated patch management is increased security, and this also applies when managing Windows Server instances or any other operating system. Along with a robust patch management policy, the OS Management service helps you maintain security compliance, and reduce cyberattacks and unnecessary downtime.

In a mixed-OS environment in the cloud, patch management is more complicated and time consuming, especially when multiple patching tools are used. The OS Management service helps reduce patch management complexity by providing a single, consolidated service in Oracle Cloud Infrastructure that efficiently manages both the Oracle Linux and Microsoft Windows operating systems, multiple versions of the operating systems, and groups of instances.

Security Update Compliance at a Glance

The OS Management service provides a summary dashboard for Windows Server instances. You can quickly see the level of security update compliance for an instance.

To see the summary dashboard in the Oracle Cloud Infrastructure Console, in the main menu go to Compute and then click Instances. Select the instance, and under Resources, click OS Management.

The OS Management service displays the number of security, bug, enhancement, and other updates that are available to install. From this dashboard, you can choose to install only security updates or to install all updates. You can also drill down to view more details related to instance patching and perform other management tasks on the instance.

A screenshot that shows the OS Management dashboard for an instance. Three security updates and one other update is available.

Tracking Available and Installed Updates

The OS Management service provides a list of updates that have been installed on your Windows Server instance, so you can track the status and inventory of updates.

A screenshot that shows installed updates for an instance in the OS Management Managed Instance Details page.

The OS Management service also displays available updates, specifies whether an update requires a reboot, and provides reference to the Microsoft Knowledge Base (KB) article numbers.

A screenshot that shows the available updates for an instance in the OS Management Managed Instance Details page.

From here, you can select the updates that you want to deploy. You can apply an update at any time or, if your organization's patch policy requires you to install updates during off-peak times, you can schedule an update job for a future date and time.

A screenshot that shows the Install Updates dialog box, with a date and time selected for a Windows update.

Saving Time with Fleet Management

By using the OS Management service, you can take much of the manual labor out of managing groups of Windows Server instances. Managed instance groups let you apply updates and maintain consistent patch levels across a fleet of Windows Server instances. You can select individual or all Windows Server updates and apply them to a managed instance group for immediate or scheduled installation.

A screenshot that shows a list of managed instance groups on  the OS Management page.

Also, you can take advantage of Oracle Cloud Infrastructure tools such as notifications to alert you to any updates that have occurred or jobs that have run.

Getting Started

The OS Management service supports Windows Server 2012 R2, 2016, and 2019 Standard and Datacenter edition instances that are deployed on Oracle Cloud Infrastructure. Windows Server instances deployed from Oracle-provided platform images since April 28, 2020 can be managed without the need to deploy any additional software; otherwise, you must install or update the Oracle Cloud Agent for Windows to version 1.0.0.0 or later. For custom bring-your-own-image (BYOI) Windows Server instances, the Oracle Cloud Agent for Windows must be installed.

For information about how to get started with OS Management for Windows Server instances, and detailed steps for enabling it, see the documentation. To view a quick start video, go to Getting Started with OS Management for Windows in Oracle Cloud Infrastructure in the Oracle Learning Library.

Resources

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.