After the sizable set of updates (12-16 on my various Windows machines) last Patch Tuesday that I documented in Wednesday’s blog “First Patch Tuesday August 9…” I found myself pondering once again the incredible value that automated deployment tools bring to IT environments of any size. Not only can these tools — which include the likes of LANDesk, Altiris, CA Unicenter, and Microsoft Configuration Manager to name just a few — push updates out to desktops on a tightly scheduled basis, they can also roll back machines to a pristine, pre-update state, should anything prevent their successful application (and also perform rollbacks after the fact, if hitherto undiscovered difficulties should rear their ugly heads later on down the road).
In addition these toolsets can also apply service packs, home-grown or third party applications updates or upgrades, tally up hardware and software inventories and attributes, and manage licenses. Some of them extend these same functions to centrally managed mobile devices such as smartphones or PDAs as well.
It stands to reason that because enterprises need time to deploy patches in a test lab, and make sure they break nothing in the standard environment (or interfere with home-grown systems and applications), they also need capable tools to speed deployment of such patches and fixes as survive the testing and vetting processes. And because so many organizations work within tightly scheduled update windows that typically occur anywhere from once a month to once per quarter, they need smart tools that can work within those windows and provide intelligent rollback and recovery methods should anything go wrong before the window closes.
As we all know, it’s imperative for employees and systems to get back to work as soon as the update window closes and operations resume. Better to fail gracefully and fix problems during the next window, than to have anything prevent normal business operations from resuming on schedule in any kind of enterprise.