Manualshelf

Patch Management User Guide for HP-UX 11.x Systems

ManualsBrandsHP ManualsSoftwareHP-UX Software Assistant
41424344454647484950
HP service contracts
If you would like assistance with your patch management work, you can purchase a Mission
Critical level HP service contract. This entitles you to a proactive service called patch analysis.
In patch analysis, an HP support engineer furnishes you with a custom list of recommended
patches. At the Mission Critical (highest) contract level, your assigned HP engineer even helps
you define a patch management strategy based on the software change management principles
defined in this chapter. For more information, visit the HP Software Support Services website at
http://www.hp.com/hps/software.
Patch management and software change management strategies
Patch management is a complex topic. Because of the complexity, there is not one right way to
perform patch management. If you ask 10 patching experts to describe their approach to patch
management, you will likely get 10 different answers. You must determine which approach to
patch management works best in your situation based on your particular environment and your
constraints.
This section discusses software change management and recommendations, as well as the three
basic patch management strategies among others:
Proactive patch management strategy
Reactive patch management strategy
Security patch management strategy (Advanced Topic)
You might find that one of these strategies is a good fit for your organization. In most cases, a
customized combination works well. For example, you could select a reactive patching strategy
for most patching, but proactively patch your most update-sensitive areas. Security patch strategies
often do not fit within the proactive or reactive strategies. In these cases, you need to follow a
different strategy. Again, there is more than one path to creating an acceptable patch management
strategy.
For your convenience, HP has created six Patch Usage Model flow charts that illustrate the high
level steps you would follow for six basic patch management strategies. These Patch Usage
Models can be found in Appendix A (page 94).
Establishing a software change management strategy
This section outlines a set of patch management strategies based on use and tolerance for down
time. There is always a risk that software patches that have been successfully tested in a controlled
environment will cause problems when applied to a new configuration. For this reason, it is
important to limit the number of changes made to a target system.
The first step in defining your strategy is to determine what level of software change management
you want to implement. HP has developed three strategies for dealing with software change
management in mission critical environments. These strategies are based on operational
requirements. The same concepts apply just as well to non-mission critical environments.
The following are three strategies for software change management. These strategies are described
in Table 4-1: “Operational factor and patch management strategy matrix” (page 46):
Restrictive
Conservative
Innovative
HP service contracts 45