After reading a recent Register article (Microsoft preps update everything patch batch) it got me thinking. How many organizations actually manage the Windows update patching process to minimize impact on users? Microsoft will be delivering seven bulletins today, Tuesday 11 March, 2013. There’ll be many users grimacing at the sight of the Windows Update message in the coming few days, followed by a frustrating period of inactivity as our systems go through the update process and inevitable reboots. This is of course an essential part of systems management and to a larger degree users are expected to suck it up as companies are not likely to want to leave themselves vulnerable to security risks as an alternative to upsetting their users.
As a user who uses their laptop as a live notepad (i.e. all open docs, emails and browsers act as an item on my live to-do list and must be dealt with at some point this week). I find it insanely annoying when I have to save and close all items down and then try and remember what needs to be dealt with. I am the user that constantly chooses the ‘Remind me in: 4 hours’ option.
In Windows 8, they’ve opted for a more forceful approach. After three days of reminding you your PC needs to restart to finish installing updates, it will just tell you it will restart in 15 minutes, so get your skates on and save your work before you lose it.
It doesn’t have to be that way.
1E NightWatchman Enterprise has integrated patch management allowing you to gracefully apply patches overnight and reboot PCs to complete the patching process, minimizing disruption to user during the working day. And, it saves their open data prior to the reboot to further minimize disruption and annoyance.
NightWatchman has Wake-on-LAN technology built in to wake machines out of hours to apply patches. The key challenge is that not all power management solutions allow you to cleanly restart PCs after applying patches. The alternative (and often common) scenario means the user is forced to reboot during the working day to complete the cycle.
To assist with best practices around remediating and testing patches, NightWatchman groups PCs by organization and location meaning you can stage deployments by system groups and priority. You can starting with smaller, lower risk groups, validating that no problems occur with the updates, and then work your way to larger and higher risk areas of the network.
NightWatchman Enterprise is tightly coupled with, but not exclusively to, Microsoft’s System Center Configuration Manager (ConfigMgr) – 2003 to 2012 SP1 (read the technical brief here). It integrates with the ConfigMgr console for on-demand wake-ups and client policy refresh to a single client or a collection of clients and you can use group policy or command line to configure settings. NightWatchman also integrates with a number of other systems management solutions.