Recently Searched

No results found

Tags

No results found

Document

No results found

Home Schools Topics

Log in

State of Ohio Private Cloud. Installing Patches on Windows, Linux and UNIX Servers

Share "State of Ohio Private Cloud. Installing Patches on Windows, Linux and UNIX Servers"

N/A

N/A

Protected

Academic year: 2021

Info

Protected

Academic year: 2021

Share "State of Ohio Private Cloud. Installing Patches on Windows, Linux and UNIX Servers"

Copied!

13

0

0

13

0

0

Loading.... (view fulltext now)

Download now ( 13 Page )

Full text

(1)

State of Ohio Private Cloud

Installing Patches on Windows, Linux and UNIX Servers

(2)

Table of Contents

1

Patch Management: Installing Patches on Windows, Linux and UNIX Servers ... 3

1.1

Action or Event that Requires the Procedure ... 3

1.2

Goals of the Procedures ... 3

1.3

Roles that Participate in the Procedures ... 4

2

Windows and Linux: Procedure Flow and Narrative ... 4

2.1

Installing Patches on Windows and Linux Servers ... 4

2.2

Installing Patches on Windows and Linux Servers Narrative ... 5

3

UNIX: Procedure Flow and Narrative ... 10

3.1

Installing Patches on UNIX Servers ... 10

(3)

1

Patch Management: Installing Patches on Windows, Linux and

UNIX Servers

The procedures in this document cover installing patches on Windows, UNIX, and Linux servers.

1.1 Action or Event that Requires the Procedure

The Patch Management procedures are implemented when patches are released for the operating

systems used by Ohio DAS. The operating systems used are Windows, UNIX, and Linux.

Patches are released by vendors on the following schedule:

• For Windows: Microsoft releases patches on the second Tuesday of the month. Advanced notice at

a high level is released on the Friday before second Tuesday of the month.

• For UNIX: Vendor releases Technology Level (TL) updates as needed.

• For Linux: Vendor releases Technology Level (TL) updates as needed.

This document includes the following procedures:

• Installing Patches on Windows and Linux Servers

• Installing Patches on UNIX Servers

1.2 Goals of the Procedures

The goals of the procedures are to:

• Alert all service lines and customers about patches that become available and are applicable to the

environment.

• Gain agreement to install the patches.

• Install the patches.

• Verify that the patches were installed correctly without incident.

Success is defined as:

• Installing patches as required on a regular basis for the different operating systems

• Installing patches without disruption to the various systems and without impact to security

(4)

1.3 Roles that Participate in the Procedures

The Technical Team, System Admins, and Server Owners participate in the procedures in this document.

The Technical Team can consist of representatives from Network, Security, Database, Shared Hosting,

and other areas as required.

2

Windows and Linux: Procedure Flow and Narrative

(5)

The following illustrates the interactions between OIT personnel installing patches on Windows servers.

2.2 Installing Patches on Windows and Linux Servers Narrative

(6)

Technical Team Lead

1. Receive notification of available patches.

For Windows: Microsoft releases Windows patches on the second Tuesday of the

month. Advanced notice at a high level is released on the Friday before.

For Linux: Vendor releases patches as needed.

2. Notify System Administrators.

Send patch information to the System Admins so they can complete planning for installing patches.

System Admin 3. Select applicable patches to install.

Review information about the patches and apply security guidelines to ensure mandatory patches are selected for installation.

4. Identify applicable servers.

Assess the impact of all patches to be installed. Review the patches to determine which servers are impacted.

5. Send patch and server information.

Server Owners can review the information to approve or delay particular patches on particular servers.

Server Owner 6. Review patch and server information.

Review the patch information and the impacted servers. Consider impacts of both delaying and installing patches.

(7)

7. Approve or delay?

The Server Owner may approve or delay installation of a particular server being updated with patches.

Send via email the approval and delay decisions to the System Admin.

Note: System Admins consider a non-response from the Server Owner to the patching

notification as approval to install patches. a. Approve, go to step 10.

b. Non-response, go to step 10. c. Delay, go to step 8.

d. Denied, go to step: 9.

System Admin 8. Review list of delayed patches.

Review to determine agreement with the delayed patches. If a selected patch is not to be delayed as requested by the Server Owner, inform the Server Owner.

9. Denial process required?

If the patch request has been denied, then follow the Denial process by proceeding to step 10. If not proceed to step 11.

10. Follow Denial process

If agency denies applying patches / updates, then refer them to OISP / Security team and follow ‘exception process’

Note: While OISP team follows exception process, there might be need to follow IBM

CIRATs process, as applicable. 11. Plan installation schedule.

Review maintenance windows. Installing patches must be completed around the maintenance windows of the impacted servers.

(8)

12. Submit a ticket through Customer Service Center (CSC).

Submit an After Hours Change ticket through the Customer Service Center to apply the selected patches. Patch installation is completed overnight.

Note: The After Hours checkbox on the ticket form must be selected.

Selecting the After Hours checkbox sets up the After Hours Change report. The automatically generated report notifies System Admins about the overnight installation of patches.

Note: Work cannot begin until the After Hours Change ticket is submitted through the

Customer Service Center (CSC). 13. Alert Server Owners.

Notify Server Owners (customers) via email on the day before their server’s maintenance window that patches will be installed.

Note: The notification must include the server impacted and the patch to be installed.

14. Create a baseline.

This step identifies on which servers to apply the patches. The action is completed in IBM Endpoint Manager (IEM).

15. Prepare for installation.

The patches to be installed are selected through IEM Console. 16. Install patches.

IEM installs the selected patches on the selected servers overnight. 17. Notify that patches were installed.

Inform Server Owners that the patches were installed as scheduled on their servers.

Server Owner 18. Validate the server patching. Validation includes confirming that:

• Patch installation was successful.

• No unexpected impacts occurred.

(9)

19.

20. Validated?

a. No, go to step 18.

• Yes, go to step 21.

System Admin 21. Create additional child tickets as required.

Additional child tickets are submitted to engage the appropriate support teams. 22. Solve the issue.

23. Issue solved?

a. No, go to step 16. b. Yes, go to step 21.

(10)

3

UNIX: Procedure Flow and Narrative

3.1 Installing Patches on UNIX Servers

(11)

3.2 Installing Patches on UNIX Servers Narrative

The following table describes the steps for installing patches on UNIX Servers.

ROLE STEP

Technical Team Lead

1. Receive notification of available patches. Vendor releases TL updates as needed. 2. Notify System Admins.

Send patch information to the System Admins so they can complete planning for installing patches.

System Admin _{3. Select applicable patches to install.}

Review information about the patches and apply security guidelines to ensure mandatory patches are selected for installation.

4. Identify applicable servers.

Assess the impact of all patches to be installed. Review the patches to determine which servers are impacted.

5. Send patch and server information.

Send patch information to the Server Owners so they can approve or delay particular patches on particular servers.

Server Owner _{6. Review patch and server information.}

Review the patch information and the impacted servers. Consider impacts of both delaying and installing patches.

7. Approve or delay?

The Server Owner may approve or delay a particular server being updated with patches.

Note: System Admins consider a non-response from the Server Owner to the patching

notification as approval to install patches. a. Approve, go to step 10.

b. Non-response, go to step 10. c. Delay, go to step 8.

d. Denied, go to step: 9.

System Admin _{8. Review list of delayed patches.}

Review to determine agreement with the delayed patches. If a selected patch is not to be delayed as requested by the Server Owner, inform the Server Owner.

(12)

ROLE STEP

9. Denial process required?

If the patch request has been denied, then follow the Denial process by proceeding to step 10. If not proceed to step 11.

10. Follow Denial process

If agency denies applying patches / updates, then refer them to OISP / Security team and follow ‘exception process’

Note: While OISP team follows exception process, there might be need to follow IBM

CIRATs process, as applicable. 11. Plan installation schedule.

Review maintenance windows. Installing patches must be completed around the maintenance windows of the impacted servers.

12. Submit a ticket through Customer Service Center (CSC).

Submit an After Hours Change ticket through the Customer Service Center to apply the selected patches. Patch installation is completed manually overnight.

Note: The After Hours checkbox on the ticket form must be selected.

Selecting the After Hours checkbox sets up the After Hours Change report. The automatically generated report notifies System Admins about the overnight installation of patches.

Note: Work cannot begin until the After Hours Change ticket is submitted through the

Customer Service Center (Customer Service Center (CSC)). 13. Alert Server Owners.

Notify Server Owners (customers) via email on the day before their server’s maintenance window that patches will be installed.

Note: The notification must include the server impacted and the patch to be installed.

14. Manually install patches.

The selected patches are installed manually on the selected servers. 15. Notify that patches were installed.

Inform Server Owners that the patches were installed as scheduled on their servers.

Server Owner _{16. Validate the server patching.}

Validation includes confirming that:

• Patch installation was successful.

(13)

ROLE STEP

17. Validated?

a. No, go to step 16. b. Yes, go to step 19.

System Admin _{18. Create additional child tickets as required.}

Additional child tickets are submitted to engage the appropriate support teams. 19. Solve the issue.

20. Issue solved?

a. No, go to step 16. b. Yes, go to step 19.

References

Download now ( PDF - 13 Page - 574.60 KB )

Related documents

Installation Guide NetIQ AppManager

For information about installing agents remotely on UNIX or Linux computers, see the AppManager for UNIX and Linux Servers Management Guide, available on the AppManager

Symantec NetBackup PureDisk Deduplication Option Guide

31 Installing the PDDO plug-in on Linux and UNIX media servers Establishing the PDDO connection between a Linux media server or a UNIX NetBackup media server and the PureDisk

Patching the Windows 2000 Server Operating System on S8100 Media Servers, IP600 Communications Servers, & DEFNITY ONE Communications Systems

This document provides guidance on how to apply Microsoft patches to S8100 Media Servers, IP600 Communications Servers, and DEFINITY ONE Communications Systems running the Windows

Installing HSPICE on UNIX, Linux or Windows Platforms

For example, if you unpacked the tarfile using the steps above while you were in the directory where you unpacked the latest HSPICE installation (see Installing the Software on

Running R from Amazon's Elastic Compute Cloud

Free tier (750 hours EC2 running Linux/Unix Micro Instance and 750 hours running Microsoft Windows Servers Micro

Department of Biomedical Imaging Science, Leeds Institute of Cardiovascular and Metabolic Medicine, University of Leeds, Leeds, UK 2

Applications for commercial reproduction should be addressed to: NIHR Journals Library, National Institute for Health Research, Evaluation, Trials and Studies Coordinating Centre,

RULES OF THE TENNESSEE DEPARTMENT OF HEALTH BOARD FOR LICENSING HEALTH CARE FACILITIES

(1) Pursuant to this Rule, each residential detoxification treatment facility shall maintain and establish policies and procedures governing the designation of a health

Climate Forecasts for Corn Producer Decision Making

Here we acquaint climate information developers, climate information users, and climate researchers with an overview of weather conditions throughout the year that affect

Related documents

Phytochemicals and Antibacterial Activities of Leaf Extract of Tridax Procumbens Linn on Staphylococcus Aureus and Escherichia Coli

Phytochemicals and Antibacterial Activities of Leaf Extract of Tridax Procumbens Linn on Staphylococcus Aureus and Escherichia Coli

6

0

0

Northwestern Medical Review Anatomy

Northwestern Medical Review Anatomy

15

0

0

Building global talents. Yours.

Building global talents. Yours.

8

0

0

How To Develop An Autonomously Driving Car

How To Develop An Autonomously Driving Car

29

0

0

FRQ-VitaminJTestingMethods.pdf

FRQ-VitaminJTestingMethods.pdf

8

0

0

A preliminary comparison of the neon lamp and potentiometer methods of submarine photo-electric photometry

A preliminary comparison of the neon lamp and potentiometer methods of submarine photo-electric photometry

16

0

0

HOW TO PROTECT YOUR BUSINESS AND YOUR CUSTOMERS FROM DATA FRAUD

HOW TO PROTECT YOUR BUSINESS AND YOUR CUSTOMERS FROM DATA FRAUD

12

0

0