?
Solved

VMware update manager vs Microsoft updates

Posted on 2009-03-31
7
Medium Priority
?
1,449 Views
Last Modified: 2012-05-06
We have a series of ESX 3.5 VM's that are referenced against a dynamic VMware baseline for updates. The baseline is set to check weekly for Critical updates, another task schedules the VM scan to compare against the baseline.
With VM's remediated against the latest baseline I am seeing a larghe discrepancy between what VMware sees as required critical updates, and what microsoft feels are required critical/hi priority updates.
I understand that the updates come from different sources, but can anyone explain why they might be so vastly different?
0
Comment
Question by:agradmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 21

Accepted Solution

by:
za_mkh earned 1200 total points
ID: 24032931
We use VMWare Update Manager, but have to say that we only use it for ESX host update management. We keep to WSUS for the MS updates. The update source VMWare Update Manager uses is by a company called Shavlik (www.shavlik.com)
It could be that they are not updating as quickly as MS pushes the updates out? But as far as I know Shavlik should be deciding as to what an update's criticallity is?
0
 
LVL 20

Expert Comment

by:jdera
ID: 24034156
If am understanding correctly, you are comparing 2 completely different things, you can't compare these the VMware updates are the vmhost platform.  The microsoft updates are for the server running on top of of the VMhost.
0
 
LVL 42

Expert Comment

by:paulsolov
ID: 24035755
From what I've seen use VMWare Update for hosts and use WSUS for microsoft updates (it can be a VM)
0
Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

 

Author Comment

by:agradmin
ID: 24038400
For clarification, it is the MS Vm guests that pose the problem - we do use Update manager to update the ESX hosts.
We can use WSUS to update the VM's - are others using WSUS due to preference or resulting from similar problems with updating guests with Update Manager?
What are the advantages of using WSUS? - I like the scheduling and snapshot ability built into Update Manager.
0
 
LVL 42

Assisted Solution

by:paulsolov
paulsolov earned 300 total points
ID: 24038868
We implement WSUS for Windows OS because it's designed for Windows and not a 3rd party product so we know that it will download all the updates that we need.  Just as VMWare does a good job with Updater for the host updates we usually stick to what works for each product.  
0
 
LVL 21

Assisted Solution

by:za_mkh
za_mkh earned 1200 total points
ID: 24044046
At the moment, we also stick to 'best' of breed for each application, in that WSUS for MS, and VUM for ESX hosts. But the shavlik techonology is pretty interesting (since it can manage security for so many more applications) so we are actually looking at that to see if we can manage our estate via that (regardless of whether PC is physical or virtual).
But you are right, I too like the facility to snapshot VM's before applying updates, and then automatically removing them after a predefined time. I guess to answer your question, you could maybe direct it to the shavlik (who provide the MS updates) for the VUM. You could get a better answer out of them.
Good luck
0
 

Author Closing Comment

by:agradmin
ID: 31564927
After more searching VMware/Shavlik download patches that are deemed 'Critical', where MS is downloading those rated as "Priority". The MS "Priority" patches outnumber the Vmware "Critical" hence the difference.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

HOW TO: Upload an ISO image to a VMware datastore for use with VMware vSphere Hypervisor 6.5 (ESXi 6.5) using the vSphere Host Client, and checking its MD5 checksum signature is correct.  It's a good idea to compare checksums, because many installat…
In this article, I show you step by step with screenshots to assist you - HOW TO: Deploy and Install the VMware vCenter Server Appliance 6.5 (VCSA 6.5), with some helpful tips along the way.
Teach the user how to install log collectors and how to configure ESXi 5.5 for remote logging Open console session and mount vCenter Server installer: Install vSphere Core Dump Collector: Install vSphere Syslog Collector: Open vSphere Client: Config…
This Micro Tutorial walks you through using a remote console to access a server and install ESXi 5.1. This example is showing remote access and installation using a Dell server. The hypervisor is the very first component of your virtual infrastructu…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question