We're starting to use Symantec LiveState Recovery Adv.
Server. It allows you to take a snapshot in time of
the server, just prior to applying security updates
and service packs. If you have VSS, it can even backup
the VSS-enabled databases without taking them offline.
They also support V-to-P and P-to-V. Very nice for
integrating with VMWare and/or Virtual Server.
There's an online forum, www.boardfish.com, that is
dedicated to Symantec products. So, if you'll like to
discuss this particular solution more, I'd suggest
starting a thread there.
Good luck
--- StefanDorn@bankcib.com wrote:
If you have any spare hardware for it, setting up a
small test environment
can help, especially if you are running any custom
software on your
servers. That way, you have another layer of
protection against the
update(s) you are installing blowing your production
servers out of the
water. The initial cost of setting up a test server
should pay for itself
shortly by saving you a few "oh, crap" moments each
year.
As far as testing the patches on a test system goes,
you just want to run
a server through all possible scenarios. Run
everything that you expect to
work on a regular basis, test any services that the
server provides to end
users, and so on.. checking your event log and any
application specific
logs for errors is probably the easiest route for
that.
And of course, always read release notes for any
known issues or conflicts
introduced by a patch.
Stefan Dorn
Murad Talukdar <talukdar_m@subway.com> wrote on
01-09-2006 11:06:22 PM:
Hi all,
I wanted to get a few ideas of what people do to
test their systems once
they have applied a patch/hotfix.
Currently I pull one of the hotswap drives that
has the OS mirrored on
it
and then let it run with the patch applied for a
few days/week before
letting it rebuild.
In that time I will check things like event
logs/performance and do some
general 'listening' for any issues.
Does anyone have a more scientific method? What do
you keep an eye on?
Also,
Do you actually ever check whether the
vulnerability(for example) that
the
patch was designed to thwart has actually been
plugged?
In the last two years I've only had one instance
of a patch causing an
OS to
fail--and then just removing and then reapplying
the patch seemed to
work
just fine. However, I don't want to get
complacent.
Kind Regards
Murad Talukdar
---------------------------------------------------------------------------
---------------------------------------------------------------------------
PRIVACY NOTICE: This e-mail message, including any
attachments, is for
the sole use of the intended recipient(s) and may
contain business confidential and
privileged information. Any unauthorized review,
use, disclosure or distribution is
prohibited. If this e-mail was not intended for
you, please notify the sender by reply
e-mail that you received this in error. Destroy all
copies of the original message and
attachments.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
---------------------------------------------------------------------------
---------------------------------------------------------------------------
