By sunconnection on Jul 02, 2007
What is Patch Management? Why are people so afraid of talking about this and there are so many opinions regarding this topic. They vary from patch the latest all the time when it is available, never patch because it is dangerous, patch when vendor tells you or when something breaks.
So what is the reality? Is it dangerous? Will it create more downtime?
I cannot say that we have all the immediate answers, but I will explain some details and these are taken from the new version of the Patch Management Whitepaper that is being reworked and updated.
Patching first of all is not dangerous. It all comes down to the Process on how to handle it. Patching should be planned, qualified, tested, etc, etc.... It should follow very much like Release Management when developing Software. It is not that much different. So this means that any downtime should be planned, then it is ok of course. The test cycle should be complete also before going to the next level.
So an example of the process could be something like:
Analyze->Assess->Download->Schedule->Deploy (if approved)
Where (if approved) is very important.
So in the paper we will talk about the link to ITIL and how that can help understanding the process and cycle. So stay tuned for the updated paper and more info will follow here :) Then to facilitate the whole Patch Management Process we have tools such as Sun Connection.