You have successfully migrated (in this instance) 10 Windows 2016 DataCenter servers. Each runs part of the Supply Chain ecosystem. They are all VMWare Virtual Servers, each with 8 GB of vRam, 2 vCPUs, and a 200 GB Hard Disk.
You migrated the systems to a private cloud instance in the Microsoft Azure subscription using AVS (Azure VMware Solution). This utilized the HCX appliance installed in the common vSphere instance that hosted these guests.
Additionally, an Edge Router was successfully installed at the company’s datacenter. The Edge router was configured with an Express Route set up to transfer migration traffic ALONE. Finally, the Edge Routers at both the local and Microsoft datacenters were set up with Microsoft Enterprise Edge for Express Route Global Reach.
You are now able to log into the newly-created vSphere instance. You see three hosts in this vSphere, and each VMware virtual guest is listed under the hosts.
In the next meeting, you demonstrate this success on a network laptop connected to the room projector. You feel that you have climbed Mount Everest! You are ready to get the ‘GREAT JOB’ and plan the celebration…
…it’s at this time that the CyberSecurity professional on the project asks you, “So, how are we going to keep these new environments patched?”
In a fit of panic, you try to review what you remember of the project planning sessions. Was this even discussed? You start looking in the Microsoft Sharepoint repository with all the company contracts for IT — you want to see if that was included in the scope of work — NOPE !!
Ok, so what does this mean for the project?
In an attempt to keep things simple, “patch management” refers to the overall system/process that will successfully ensure all involved hardware and software updates and patches are installed regularly with as little manual intervention as possible.
This presents some challenging questions. How will the following be updated in a timely manner?
⦁ Windows operating systems
⦁ VMWare vSphere operating
⦁ VMWare ESXi on the hosts
⦁ Microsoft Dynamics supply chain (the supply chain base software)
Many answers CAN work, but each solution needs to be presented concerning success rate, cost, budgeting, and testing — POTENTIAL SOLUTIONS can include:
- Microsoft Intune (how Microsoft pushes updates for all their software; this includes Windows and Dynamics)
- Microsoft AVS (they maintain updates for their hosts ESXi and vSphere instances)
A discussion of options and their plus/delta needs to happen for the next steps to proceed properly.
To conclude, “patch management” refers to the overall system/process that will successfully ensure all involved hardware and software updates and patches are installed.
DISREGARD THIS, AND HACKING RISK INCREASES TREMENDOUSLY!