Solved

What is the best approach to implement a patching solution for servers if you have two sites?

Posted on 2013-12-21
5
422 Views
Last Modified: 2014-01-23
We have site A and site B. Both two seperate network segments but both sites can communicate across the WAN with each other. We are trying out Shavlik Protect 9 as a patching solution for our servers (all Windows VMs). What is the best approach in setting up a patch solution for both sites? So far, I got the console loaded only on one site (site A). Should the Shavlik console also be installed on Site B? I can deploy patches from site A to site B, but that is going across the WAN, which is slower. What should my approach be?
0
Comment
Question by:jaedenone
5 Comments
 
LVL 117

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 500 total points
Comment Utility
It is best to use a Single Path solution and Management Console for ALL servers, you can define groups in Shavlik, e.g.

Site A and Site B, and the Shavlik console would then hold all the updates and be a repo, for all sites.

Deploy Patches at night, out of core hours, how slow is your WAN?

Does internet access run over the same WAN, because another Shavlik installation, would create a duplicate repo (store) of the updates, and it would download them all over the WAN.

Once you are up to date with patches, Updates are quite small.
0
 
LVL 8

Expert Comment

by:piyushranusri
Comment Utility
here is the main point is WAN bandwidth

its not recommended to run updates on windows vm, from one site to another site.

here you should take a test of WSUS configuration.



please share the output
0
 
LVL 19

Expert Comment

by:compdigit44
Comment Utility
As other experts have mentioned you should control / approve your update from one site but at the other site you should cache the approved updates so client will connect to their local update server instead of the remote server. In WSUS this is a upstream downstream set up...
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
How do disable only TLSv1.0 in Oracle Sun One 7.1 Server 9 32
SIEM traffic 5 24
Vmware 5.5 3 21
VMWARE ESXI LAB images 9 38
Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
This article will show you how to create an ISO CD-ROM/DVD-ROM image (*.iso), and MD5 checksum signature, for use with VMware vSphere Hypervisor 6.5 (ESXi 6.5). It's a good idea to compare checksums, because many installations fail because of a corr…
Teach the user how to install ESXi 5.5 and configure the management network System Requirements: ESXi Installation:  Management Network Configuration: Management Network Testing:
This video shows you how to use a vSphere client to connect to your ESX host as the root user. Demonstrates the basic connection of bypassing certification set up. Demonstrates how to access the traditional view to begin managing your virtual mac…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

5 Experts available now in Live!

Get 1:1 Help Now