A Patch Management Strategy for the Solaris Operating Environment
In today's mission critical information technology (IT) environments, reliability, availability, and serviceability (RAS) are indispensable. Software patches provide the means of performing software maintenance that, when handled properly, contribute to improved RAS, and thus the successful operation of your business. At the same time, managing patches has become complex and time consuming. It's no surprise that many IT professionals seek a comprehensive patch management strategy to reduce the complexity and enhance the overall operation of their IT environment.
This article offers a high-level strategy for managing patches in mission critical, business critical, and business operational, compute environments that are running on the Solaris operating environment (Solaris OE). This article divides the patch management process into seven phases, each of which can be tailored to suit your distinct IT environment. This article does not discuss the step-by-step process of installing Solaris OE patches, but instead addresses higher-level concepts that can be used with any patch installation utility.
This article is intended for IT managers, IT architects, lead system administrators, and anyone interested in developing a patch management strategy.
Why Develop a Patch Management Strategy?
Patches provide a means to update software without having to upgrade to a new operating system or application version. Patches are used to repair defects and to add or change software features. As with most software environments, patches are part of routine administration for the Solaris OE. Managers of mission critical environments and non-mission critical environments struggle to find the best patch management strategies that deliver the best possible software support while minimizing system downtime.
Change management and other IT service management processes have a standard. This standard is defined in the IT Information Library (ITIL). ITIL describes the goal of change management as a method "to provide procedures to facilitate any change into the IT infrastructure with minimal risk and maximum efficiency". The process must provide a proper balance between the need for change and the impact of change. Where applicable, this article identifies places where the patch management strategy fits into the ITIL standard.
Your patch management strategy should be considered part of change management. Your patch management strategy is certainly a special case of change management because of the complexity involved. For example, a patch might be required to upgrade a system to take advantage of a new feature. The situation is further complicated by the unknownapplying this patch might introduce new problems. Avoiding the patch, in this example, would prevent the successful upgrade. This complex situation requires careful considerations that are best rolled into your standard change management processes.
Developing a sound patch management strategy is critical to successfully manage IT environments for the following reasons:
You keep mission critical and business critical systems up-to-date with required patches for fixes to known problems, possibly preventing problems before they negatively affect your compute environment.
In environments where there are several systems with varying patch needs, based on the type of applications running on them, managing patches and keeping the systems at appropriate patch versions can be very complex. By developing a strategy for managing this software maintenance, you'll simplify the process and improve the results.
The environments required for successful patch management, namely development, test, integration test, and preproduction might already exist in your IT environment. The same environments can be used to manage patches effectively by rolling them out in a phased manner through these environments.
For those data centers in which these environments do not exist, this patch management strategy is an excuse to create these environments to roll out not just patches, but also application software upgrades and many other types of changes.
Categorizing applications into mission critical, business critical and business operational environments is a good starting point towards developing detailed Service Level Requirements for these applications and providing them with appropriate infrastructure, architecture, people and processes to manage them successfully.