Patch Management User Guide for HP-UX 11.x Systems
4 Patch management overview
Patch management is a process used to ensure that the appropriate patches are installed on a
system. Patch management is becoming increasingly important for users of all types of systems,
from desktop systems to mission-critical servers.
Industry experience has shown that failures in patch management can lead to financial loss, loss
of data, exploitation of security vulnerabilities, and other negative consequences. Problems such
as these can damage an organization's reputation, and can even result in legal consequences.
Because of this, many organizations are finding that having a robust patch management process
in place is no longer optional. Additionally, many of these organizations require their overall
patching strategy to include a proactive patching component similar to the one presented in this
chapter.
Although patch management should be a topic of concern to all users, a robust patch management
strategy is especially important if the environment includes any of the following:
• Mission-critical systems
A robust strategy can lessen exposure to a variety of risks.
• Large number of systems
A robust strategy can result in more efficient and effective patching.
This chapter presents some basic patch management strategies and concepts. Some of the concepts
are general in nature, whereas others are specific to patching HP-UX systems.
Patch management life cycle
The following list presents the primary functions of a patch management life cycle:
1. Following a formal patch management strategy.
You should develop and follow a formal patch management strategy, incorporating the
appropriate concepts to meet your availability needs. Ideally, your strategy should include
proactive patching, reactive patching, and a separate plan for security patches. These topics
are described later in this chapter.
2. Identifying and acquiring patches.
First, determine which patches you need in various circumstances:
• If you encounter a problem, you must determine which patches you need to resolve it.
• Monitor the systems regularly to determine whether there are security patches or critical
patches available for a system, or whether warnings have been issued against installed
patches.
— The HP-UX Software Assistant (SWA) Tool can help you identify security patches
applicable to systems, as well as patches with warnings. For more information, see
Chapter 8: “Using HP-UX Software Assistant for patch management” (page 85).
— If you download patches using the HP IT Resource Center (ITRC), you will be sent
an email notification if a warning is issued against any patch you downloaded. For
more information, see Chapter 6: “Using the IT Resource Center” (page 55).
• Determine whether the patches chosen for installation require additional patches or
other software to satisfy dependencies. The ITRC Patch Database can help you with
this task.