Walkthrough: Basic Microsoft Windows patch analysis

This topic walks you through the process of using TrueSight Server Automation to analyze the Microsoft Windows systems in your environment to see if there are systems that require patches and updates. 

This topic includes the following sections:

• • Introduction
  •  
  • What is patch management?
  • What does this walkthrough show?
  • What do I need to do before I get started?
  • How to patch Windows systems
  • Wrapping it up
  • Where to go from here

Introduction

This topic is intended for system administrators. The goal of this topic is to demonstrate how to perform basic patch analysis for Windows systems using TrueSight Server Automation. 

• Patch analysis is the process of figuring out which systems need which patches. 
• Patch remediation is delivering those fixes to the operating system or application, and is described in a different walkthrough. 

TrueSight Server Automation supports analysis, download, and deployment of patches for all of the major operating systems.

What is patch management?

Patch management refers to the acquisition, testing, and installation of patches to ensure that servers are always in compliance with organizational policies.

Due to the number of servers being managed, multiplied by the vast amount of patches released by the software and OS vendors, patch management has become one of the most time consuming tasks for many IT organizations. TrueSight Server Automation automates the process of building and maintaining a patch repository, analyzing target servers, and, if necessary, packaging and deploying patches. At the end of the process, reports are available to show compliance.

What does this walkthrough show?

This walkthrough shows how to use a Patch Analysis Job to identify missing critical patches on Windows 2008 servers. The Patch Analysis Job created in the walkthrough:

• Is based on an existing patch catalog
• Uses a single include list based on the patch smart groups set up in the Setting up and managing a patch catalog for Windows walkthrough.
• Does not create "remediation artifacts," which are created in a later walkthrough
• Sets up notifications for the administrator in charge of Windows patching
• Runs on a recurring schedule to obtain the latest patches

The walkthrough also shows how to view Patch Analysis results for Windows 2008 systems and to determine which critical patches need to be applied.

What do I need to do before I get started?

• For this walkthrough, you need various authorizations. You can log in and perform these tasks as BLAdmin, the TrueSight Server Automation superuser, but BMC recommends a more restrictive approach to granting authorizations. Ideally, you should set up a role that is granted only the authorizations needed for patch management. To learn how to restrict access, see Walkthrough-Restricting-permissions-for-a-patching-administrator.
• You must have also created a patch catalog (described in a separate walkthrough).

How to patch Windows systems

Wrapping it up

We have seen how TrueSight Server Automation manages the analysis of patches for the Microsoft Windows operating system. Now that you have all information regarding the patch level of the servers, you can decide to remediate them by packaging and deploying the missing patches and hotfixes to the servers. 

Where to go from here

Walkthrough-Basic-patch-remediation