Patch Management User Guide for HP-UX 11.x Systems (5900-3011, April 2013)
Table Of Contents
- Patch Management User Guide for HP-UX 11.x Systems
- Contents
- 1 HP-UX patches and patch management
- 2 Quick start guide for patching HP-UX systems
- 3 HP-UX patch overview
- 4 Patch management overview
- Patch management life cycle
- HP service contracts
- Patch management and software change management strategies
- Establishing a software change management strategy
- Recommendations for software change management
- Consideration of HP patch rating
- Patch management and software depots
- Proactive patching strategy
- Reactive patching strategy
- Advanced topic: security patching strategy
- Advanced topic: scanning for security patches
- Testing the patches to be installed
- 5 What are standard HP-UX patch bundles?
- 6 Using the HP Support Center
- Obtaining an HPSC user account
- Useful pages on the HPSC
- Find individual patches
- Advanced topic: checking for special installation instructions
- Advanced topic: checking for all patch dependencies
- Standard patch bundles
- Custom patch bundles - run a patch assessment
- Support information digests
- Ask your peers in the forums
- Search knowledge base
- 7 Using software depots for patch management
- Common software distributor commands for patching
- Depot types
- Using depots
- Viewing depots
- Creating and adding to a directory depot
- Registering and unregistering directory depots
- Verifying directory depots
- Removing software from a directory depot
- Removing a directory depot
- Installing patches from a depot
- Custom patch bundles
- 8 Using HP-UX Software Assistant for patch management
- 9 Using Dynamic Root Disk for patch management
- 10 The Patch Assessment Tool
- 11 Support and other resources
- A Patch usage models
- Glossary
- Index
• Change Management
Covers all processes and standards used to manage data center operations.
• Test Environment
Includes systems, software, and equipment used to support the production operations. The test
environment is used to evaluate changes before they are put into production.
Table 6: “Recommendations based on strategy” (page 49) offers recommendations to help you
implement your chosen software change management strategy. Consider using DRD for all three
strategies listed in Table 6to reduce downtime, perform maintenance during regular business hours,
and provide an efficient way to back out changes if necessary. See Chapter 9 (page 89) for more
details.
Table 6 Recommendations based on strategy
Test EnvironmentChange
Management
Reactive PatchingProactive PatchingOS & ApplicationsStrategy
Dedicated
equipment that
Formal plan with
explicit roles and
responsibilities.
Make fewest
changes possible
to restore
function.
Use only
thoroughly tested
patches with the
highest level of
exposure.
Stable release,
available for one
year or more.
Restrictive
matches
production
environment,
Prepared plan to
back out changes,
if necessary.
Perform full
diagnostic
including
simulated loads.
Documented
disaster recovery
analysis before
attempting a
solution.
plan that is
updated and
tested at least
yearly.
Dedicated
equipment that
Formal plan with
explicit roles and
responsibilities.
Make fewest
changes possible
to restore
function.
Use only
thoroughly tested
patches with
substantial
exposure.
Stable release,
available for six
months or more.
Conservative
matches
production
environment.
Prepared plan to
back out changes,
if necessary.
Perform full
diagnostic
analysis before
attempting a
solution.
Test or
development
Established roles
and
responsibilities.
Focus on
restoration of
function.
Carefully review
patches for risks
and benefits.
Stable release,
available for two
months or more.
Innovative
equipment or off
Limit number of
concurrent
changes.
hours on
production
environment.
Consideration of HP patch rating
Regardless of the type of patching strategy you choose to implement, you should include a policy
detailing when it is appropriate to select patches for each HP patch rating. Based on rating alone,
it is always appropriate to select a patch rating of 3, but under what circumstances will you allow
patches rated 2 or 1 to be installed?
For more information about HP patch ratings, see “HP-UX patch ratings” (page 36).
Patch management and software depots
Users with multiple systems generally find that, regardless of the type of patching strategy they
choose to implement, patch management is best accomplished by managing patches in centralized
software depots. You should maintain one depot for each set of similarly configured systems. You
Patch management and software change management strategies 49