1 / 21

INF208 Patch & Update Management Infrastructure, Management and Operations

INF208 Patch & Update Management Infrastructure, Management and Operations. George Kovachev Microsoft System Management Region Director Bynet Data Communication Ltd. E-mail: v-gkovac@microsoft.com gio-k@bynet.co.il. Agenda. Patch Management Frameworks Client Patch Management Overview

sydnee-bennett
Download Presentation

INF208 Patch & Update Management Infrastructure, Management and Operations

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. INF208Patch & Update ManagementInfrastructure, Management and Operations George Kovachev Microsoft System Management Region Director Bynet Data Communication Ltd. E-mail: v-gkovac@microsoft.comgio-k@bynet.co.il

  2. Agenda • Patch Management Frameworks • Client Patch Management Overview • Window Update Service Overview • Demo • SMS 2003 Patch Management Overview • Demo • SMS 2003 Hardware updates Add on • SMS 2003 R2 - What’s in it? • Comparing WUS and SMS 2003

  3. Patch Management Framework Assess Environment to Be Patched Identify New Patches Patch Management Evaluate and Plan Patch Deployment Deploy the Patch

  4. Client Patch Management Overview • Standard Patch Deployments • Emergency Patch Deployments • Service Pack Deployments • Source Path Update Management Feature • Managed source path for Office 2000, Office XP, and Visio • Ensures Office updates can return to source to successfully patch

  5. Standard Patch Deployment 98% Complete Days PercentComplete 40%Patched 80%Complete TUE WED THU FRI SAT SUN MON TUE • Notification • Patch SMS servers • Update Sync file • Sync file • Update DP • Scan tool • Wait 10 minutes • Create package • Test package • Set up remaining packages • Begin patching • Begin reporting status • Start remediation for failed jobs • Report status • Continue remediation for failed jobs • Report status • Continue remediation for failed jobs • Report status • Forced patching begins • Continue remediation for failed jobs • Report status • Continue remediation for failed jobs

  6. Emergency Patch Deployment 40%Patched 80%Complete 98%Complete Thursday 11:00 12:00 13:00 14:00 15:00 16:00 17:00 10:00 18:00 • Notification • Patch SMS servers • Update Sync file • Sync file • Update DP • Scan tool • Wait 10 minutes • Create package • Test package • Set up remaining packages • Beginpatching • Begin reporting status • Start remediation for failed jobs • Report status • Continue remediation for failed jobs • Report status • Forced patching begins • Continue remediation for failed jobs • Report status • Continue remediation for failed jobs • Report status • Continue remediation for failed jobs

  7. WUS Solution Overview Microsoft Update WUS Server Desktop ClientsTarget Group 1 Administrator Server ClientsTarget Group 2 Administrator subscribes to update categories Server downloads updates from Microsoft Update Clients register themselves with the server Administrator targets different updates at different clients Administrator approves updates Clients installs administrator approved updates

  8. Windows Update Service

  9. Patch Management Framework Assess Environment to Be Patched Identify New Patches Patch Management Evaluate and Plan Patch Deployment Deploy the Patch

  10. SMS 2003 Patch Management How It Works • Download Security Update Inventory Run inventory tool installer MicrosoftDownload Center • Scan components replicate to SMS clients • Clients scanned; scan results merged into SMS hardware inventory data Firewall 4. Administrator uses Distribute Software Updates Wizard to authorize updates • Update files downloaded; packages replicated and programs advertised to SMS clients SMS DistributionPoint SMS Site Server Client SMS • Software Update Installation Agent on clients deploy updates SMS DistributionPoint • Periodically: Sync component checks for new updates; scans clients; and deploys necessary updates Client SMS Client SMS

  11. SMS 2003 Patch Management

  12. Patch Management Framework Assess Environment to Be Patched Identify New Patches Patch Management Evaluate and Plan Patch Deployment Deploy the Patch

  13. SMS 2003 Hardware Updating • Inventory Tool for Dell Updates • IBM Systems Update Tool • IBM firmware and HW driver updates • IBM server series: BladeCenter, Eserver, and xSeries • SMS Inventory Tool for HP ProLiant and Integrity Updates • HP system software, firmware (ROM and BIOS updates), and ProLiant or Integrity Support Packs • HP Proliant BL, DL, and ML series servers • HP Integrity Superdome series servers • Certain HP Integrity RX series servers

  14. SMS 2003 R2 Features What’s in it? • Scan Tool for Vulnerability Assessment • Uses MBSA 2.0 as a scan engine • Provides VA reporting for common software mis-configurations defined by MBSA 2.0 • Administered identically to existing SMS 2003 scan tools • Inventory Tool for Custom Updates • Vendors create update definitions for commercial software applications • Customers create update definitions for in-house line-of-business (LOB) applications • Solution integrators (SI) and outsourcers build catalogs for organizations to which they provide services

  15. Comparing WUS and SMS 2003 Adopt the solution that best meets the needs of your organization

  16. Comparing WUS and SMS 2003 Adopt the solution that best meets the needs of your organization

  17. For More Information • Microsoft TechNet: http://www.microsoft.com/technet/itshowcase/ • Microsoft case study resources:http://www.microsoft.com/resources/casestudies/ • SMS 2003 patch management product documentation: http://www.microsoft.com/smserver/techinfo/productdoc/ • Windows Update Service http://www.microsoft.com/windowsserversystem/wus

  18. For More Information • SMS Home Page • www.microsoft.com/sms • System Center Family of products • www.microsoft.com/systemcenter • Community Sites • http://www.microsoft.com/smserver/community/default.mspx • MyITForum.com • SMS 2003 Scripting Center • http://www.microsoft.com/technet/scriptcenter/default.mspx • SMS Download Center • http://www.microsoft.com/smserver/downloads/default.mspx • Partner Resources – SMS Alliance • http://www.sms-alliance.com/ • Webcasts • http://www.microsoft.com/events/webcasts/upcoming.mspx

  19. מה מקבלים? חולצת Feel The Beat השתתפות בהגרלת כרטיסי טיסה מכשירי i-mate ועוד...(לממלאים משוב לכל יום) New York! New York! איך ממלאים משוב? ב - email בסוף כל יום ב -Beat Center

  20. Recommended Sessions • INF319 – SMS 2003 Tips and Tricks • INF317 - Proactive Monitoring of Active Directory with MOM 2005 • INF316 - Management and High Availability of Virtual Server R2 with MOM • ASK304 - Ask The experts

More Related