VMware patchable objects

Could you list which elements of a typical vmware setup that utilises vcenter esxi and windows guests require patching? So vcenter patching, host patching, and guest patching, specific the vmware what needs patching, and any idea on the frequency of the patches released?
LVL 4
pma111Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Security Updates (patching)

1. Windows Guests (every month, when Microsoft release patches on Patch Tuesday)

2. vCenter Server (new versions e.g. 4.1 U2, 5.0 U1) VMware very seldom releases patches for vCenter Server, but releases new builds, so you can do a complete upgrade. As for timescales, vSphere 5.0 Update 1  Released 15 Mar 2012, vSphere 5.0 | Released 24 Aug 2011

3. Hypervisor Updates (ESXi), Security Updates and Fixes are issued.  If we look at ESXi 5.0

there have been several patches

Build Number: 474610 Release Date: :  09/13/2011 (patches to ESXi 5.0)
Build Number: 504890 Release Date: :  11/03/2011 (patches to ESXi 5.0)
Build Number: 515841 Release Date: :  12/15/2011  (patches to ESXi 5.0)
Build Number: 623860 Release Date: :  03/15/2012 (this is ESXi 5.0 U1)

All patches can be checked here

http://www.vmware.com/patchmgr/download.portal 

So with the Hypervisor, it could be a patch every month from release.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
pma111Author Commented:
Is there anything vmware specific on the guests that needs patching from vmware? Your 1 seems specific to MS updates nothing on guests around vmware.

Cheers!
0
PaulNSWCommented:
You should also check for firmware/BIOS updates for the hardware running this environment.

Re 1: Each VM will have "VMWare Tools" installed, providing enhanced drivers for Video, Network, Mouse etc.

You generally only have to update this with every major VMWare update
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
every host update may have a new version of vmware tools, which could be applied to the guest vms.
0
pma111Author Commented:
And is there 1 tool that can patch all 3 (vCenter, Host, vmware tools on guest) and provide management overview on whats at what level, whats missing what patch? If there is 1 tool a copy or screenshot of a sample report would be ever so helpful!
0
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
No not really, VMware Update Manager patches the host.
0
pma111Author Commented:
Would update manager show which hosts are missing patches? Is it a report format thats management freindly?
0
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Yes, Update Manager would show which updates. VMware issues Security Updates, which changes the Build Number of the OS, you could say a change of service pack. A Security Build Update contains many security fixes and bug fixes.

I do not think the Report is management friendly.
0
pma111Author Commented:
Would you be willing to share a screenshot of a report for reference?

Also > where can you see the build number? And where can you see from vmware the latest build numbers.
0
pma111Author Commented:
Is update manager part of vcenter, or an additional tool that requires additional $$
0
pma111Author Commented:
And are the patches released for vmware tools on guests security related, or something else? How often are they released?
0
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Ive never seen any VMware Tools updates on their own.

Tools are sometimes included with host updates, eg new host update, it may have new tools as well.
0
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
update manager is included with vCenter.

build numbers are shown on the host summary, see previous ESX, ESXi question.

build numbers arevavailable on vmware patch portal.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VMware

From novice to tech pro — start learning today.