Do you have a host update policy?

DigitalDarragh · ‎10-02-2012

Hello,
IN an environment of 6 clusters with about four hosts per cluster, would you suggest that an update policy for hosts should be implemented?
At the moment, hosts are updated when time is available but there is no specific schedule. Also, when the opportunity presents itself to update all hosts in a cluster, all updates are applied. This means that a security patch that is four days old could potentially be installed to a live cluster for example.
Based on documents such as the one linked to below, minor updates should be applied as soon as possible but I am wondering what is the recommended best practise?
http://www.vmware.com/support/policies/upgrade.html

We left it a while before installing 5.0U1 but while doing that I installed all other minor updates regardless of when they were released. Would this be a mistake? Should I have waited a month before applying the security updates?

My thinking is that if there are patches to resolve bugs or security issues they should be applied as soon as possible. Patches that add functionality should be left for a while before applying them to production systems.

Thanks

JCMorrissey · ‎12-15-2012

Hi,

Certainly in terms of what i have found in my customer engagements in the main the standard update policy we've looked to apply is as you've mentioned eg update security patches more frequently than general (more additional functionality-based) environments. That said i've been dealing in highly regulated

environments so the norm would be the cover ourselves first and foremost from a security perspective but its sensible practice. Worth giving yourself the additional time in UAT to test any new functionality elements.

Please consider marking as "helpful", if you find this post useful. Thanks!... http://johncmorrissey.wordpress.com/

All

Do you have a host update policy?