Solved

VMware update manager vs Microsoft updates

Posted on 2009-03-31
7
1,424 Views
Last Modified: 2012-05-06
We have a series of ESX 3.5 VM's that are referenced against a dynamic VMware baseline for updates. The baseline is set to check weekly for Critical updates, another task schedules the VM scan to compare against the baseline.
With VM's remediated against the latest baseline I am seeing a larghe discrepancy between what VMware sees as required critical updates, and what microsoft feels are required critical/hi priority updates.
I understand that the updates come from different sources, but can anyone explain why they might be so vastly different?
0
Comment
Question by:agradmin
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 21

Accepted Solution

by:
za_mkh earned 400 total points
ID: 24032931
We use VMWare Update Manager, but have to say that we only use it for ESX host update management. We keep to WSUS for the MS updates. The update source VMWare Update Manager uses is by a company called Shavlik (www.shavlik.com)
It could be that they are not updating as quickly as MS pushes the updates out? But as far as I know Shavlik should be deciding as to what an update's criticallity is?
0
 
LVL 20

Expert Comment

by:jdera
ID: 24034156
If am understanding correctly, you are comparing 2 completely different things, you can't compare these the VMware updates are the vmhost platform.  The microsoft updates are for the server running on top of of the VMhost.
0
 
LVL 42

Expert Comment

by:paulsolov
ID: 24035755
From what I've seen use VMWare Update for hosts and use WSUS for microsoft updates (it can be a VM)
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:agradmin
ID: 24038400
For clarification, it is the MS Vm guests that pose the problem - we do use Update manager to update the ESX hosts.
We can use WSUS to update the VM's - are others using WSUS due to preference or resulting from similar problems with updating guests with Update Manager?
What are the advantages of using WSUS? - I like the scheduling and snapshot ability built into Update Manager.
0
 
LVL 42

Assisted Solution

by:paulsolov
paulsolov earned 100 total points
ID: 24038868
We implement WSUS for Windows OS because it's designed for Windows and not a 3rd party product so we know that it will download all the updates that we need.  Just as VMWare does a good job with Updater for the host updates we usually stick to what works for each product.  
0
 
LVL 21

Assisted Solution

by:za_mkh
za_mkh earned 400 total points
ID: 24044046
At the moment, we also stick to 'best' of breed for each application, in that WSUS for MS, and VUM for ESX hosts. But the shavlik techonology is pretty interesting (since it can manage security for so many more applications) so we are actually looking at that to see if we can manage our estate via that (regardless of whether PC is physical or virtual).
But you are right, I too like the facility to snapshot VM's before applying updates, and then automatically removing them after a predefined time. I guess to answer your question, you could maybe direct it to the shavlik (who provide the MS updates) for the VUM. You could get a better answer out of them.
Good luck
0
 

Author Closing Comment

by:agradmin
ID: 31564927
After more searching VMware/Shavlik download patches that are deemed 'Critical', where MS is downloading those rated as "Priority". The MS "Priority" patches outnumber the Vmware "Critical" hence the difference.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is an issue that we can get adding / removing permissions in the vCSA 6.0. We can also have issues searching for users / groups in the AD (using your identify sources). This is how one of the ways to handle this issues and fix it.
Last article we focus in how to VMware: How to create and use VMs TAGs – Part 1 so before follow this article and perform the next tasks, you should read the first article how to create the TAG before using them in Veeam Backup Jobs.
Teach the user how to install vSphere Update Manager  Console to Windows system:  Install vSphere Update Manager: Configure vSphere Update Manager plug-in in vSphere Client: Verify vSphere Update Manager settings in vSphere Client:
Teach the user how to rename, unmount, delete and upgrade VMFS datastores. Open vSphere Web Client: Rename VMFS and NFS datastores: Upgrade VMFS-3 volume to VMFS-5: Unmount VMFS datastore: Delete a VMFS datastore:

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now