SLA-driven applicability analysis for patch management

Abstract

To strengthen patch management, organizations are required not only to focus on sole patch management on single server, machine or application servers, but also to consider other IT system management processes as well because patch management relies on them to be efficient. Processes such as inventory, system configurations, risk management, change management, system audit, and business cost on policy and SLA should be evaluated and enhanced together with patch management; appropriate applicability assessment of patch should be built in and coordinated with all these processes to make patch management a safe, reliable and efficient process to carry out its high profile tasks. This paper presents a patch management framework based on SLA-driven patch applicability analysis. It provides automatic patch applicability analysis and risk assessment for supporting business-impact analysis and logical control during patch process. Experimental results collected from the simulation on realistic business services case study show that SLA-driven patch applicability analysis based patch management outperforms traditional patch management. © 2011 IEEE.