Patching and updating your computer components can be a simple process or one that can bring significant challenges. In this video, you’ll learn about updating your operating system, firmware, drivers, and much more.
<< Previous: Segmenting the NetworkNext: Configuring VLANs >>
On our computing systems, the only constant is change. There are constant operating system patches, application updates, and other changes that always have to be applied for one reason or another to our systems. And in this video, we’ll look at the process for performing patches and updates in your environment. There are so many different things that need to be patched in a computer. There’s the operating system itself.
You probably have many applications that have updates constantly. And of course, the drivers that run the hardware of your computer often need to have updates to those as well. It is a process that is ongoing. It is one where you are getting updates at least once a week for most computers, and certainly once a month for your operating system. If you’re updating your system at home, it’s probably not a big deal.
You update your local system, you click a button, your system reboots, and you’re back to where you were. But in the business environment, it’s a lot different. A single patch could disrupt one or many different applications you use to perform your daily functions. So you generally have to test this before you apply the patches. You don’t want to apply this update to thousands of devices and then suddenly realize that that patch breaks a very important application.
This is one of the things that makes a central management for patching very important. You can go to one central console and apply that patch and push it out to all of the other systems that are in your environment. You can see what version of software people happen to be running. You can apply the patch to, perhaps, individuals instead of large groups, and you can deploy it in a way that makes sense for your environment.
Updates to the core operating systems of our devices tend to occur about once a month. This gives you a chance to download the update, test it, make sure it works apply it to all of your devices, and then you’ve got another month to wait before you go through that process again. These patches are always provided by the manufacturer. So for Windows, you’re going to get all your patches from Microsoft. For Mac OS, you’ll be getting your updates from Apple.
And for any Linux, it’s coming from the community at large. There is usually functionality changes and security changes involved in these patches, so you’ll want to look at the release notes for the patch update to know exactly what’s going to be changing once you apply this patch to your operating system. A patch that does not occur quite so often would be something like a firmware update. This might be the BIOS of your computer or the firmware for a piece of hardware you happen to be using.
This is changing the software that’s running on that piece of hardware. We generally refer to these as embedded systems because it’s not a full blown operating system. We don’t have access to it, it’s really just used by that particular device. These updates tend to be bug fixes but there could possibly be enhancements to the hardware. This is one of those cases where you really have to be careful when updating because making a change to your firmware could have a dramatic impact on the usability of that piece of hardware.
Another update that you don’t see happen a lot is one for a device driver. This is the software that interfaces our operating system to the hardware itself. Device drivers are usually only updated if there’s something like a bug fix or if you need a different operating system version. We also see device drivers being updated more for certain kinds of hardware than others. For example, you might see a video driver updated a lot more than something like a network interface card.
Sometimes a device driver update might include new features or configuration settings for a piece of hardware. Occasionally the update to this might change the configuration of your device and that might create problems for you using that particular piece of hardware. Or this might be solving significant problems in the usability of that hardware. So make sure you look at the release notes to know exactly what’s going to change when you update this device driver.
Sometimes a manufacturer will tell you that the device driver update is a minor update or it’s a major update. Different manufacturers use different terminology to describe the type of update that it happens to be. A minor update might only include bug fixes for existing features and you’re not adding new capabilities to the hardware or to the device driver configuration.
In those cases, you would not expect the device driver to change anything with your configuration, but of course, you should always test before deploying any change in your operating system. Many operating system updates will include vulnerability patches. There is a security issue with the operating system and this particular patch is going to close that particular vulnerability hole. This is one that is generally going to be pretty high priority.
You don’t want people gaining access into your private systems, so you want to be sure to close up any of those security holes as quickly as possible. But of course, before you deploy this, you still have to test, so generally your testing is going to take a very high priority so that you can then get the deployment of that patch done as quickly as possible. Whenever you’re patching something like an operating system, an application, a device driver, or anything else that’s going to make such a major change to the operation of this device, you want to think about how you’re going to deploy it and, perhaps more importantly, how you’re going to revert from that deployment if you run into any type of problem.
So you need to have a backout plan always in place. Also think about doing backups before you upgrade. Backup the operating system. If this is a router or a switch, back up your configuration, and perhaps have an older version of that software on hand in case you do need to go back to the original configuration. And after you’ve deployed it, go through normal testing. You should have an idea of exactly how this device should be working, and you can try to install or run any of your important applications to make sure everything is running after the patch as well as it was before the patch.