During installation one is asked whether or not to let Microsoft Update cover the related System Center 2012 component as well. For myself I always set this option to OFF.
I’ll tell you why I choose this option. As a matter of fact there are multiple reasons for it:
1. Updating System Center 2012 requires manual actions as well
Many times when updating System Center 2012 components there are some or more manual actions required as well, like running queries, updating the web.config file etc. When Microsoft Update runs the update for you, you still have to run these actions manually and – when you’re unlucky – in an unplanned manner as well.
2. Updating System Center 2012 requires additional checks
I ALWAYS check the updates after they have been applied. In order to see the proper files got updated. In the past sometimes updates didn't land properly, like skipping the Agent deployment folders and so on. So never presume but always check.
3. Updates aren't error free
Another MAJOR reason for not using Microsoft Update (even through WSUS mechanisms!) for updating System Center 2012 is that in the past URs contained errors. Causing issues in your System Center 2012 environment. So it’s better to wait with applying an UR rather than applying it too soon. Also because rolling back an UR can’t be done, unless when running a restore of the affected systems and databases…
4. WSUS doesn't protect you
Of course, Windows Update is managed in your environment by a whole chain of WSUS servers. And patches only get through when approved. But still WSUS shouldn't be your last defence against updates. Yes, updates are required in order to keep your systems healthy and safe. But don't automate Windows Update too far. Always let the last part of the update chain be a human being with knowledge and experience of the products/technologies involved. And when all lights are green run the updates in a time frame which is chosen by you and your organization and not by WSUS.
Of course, these reasons are open to discussion. But always when I discuss this topic with my customers, these are the reasons why I advice them NOT to use Windows Update for any System Center 2012 component. At the end however, it’s up to the customer and the related policies to decide what approach to use.
Hope that post was helpful.
No comments:
Post a Comment
Note: only a member of this blog may post a comment.