General discussion

  • Creator
    Topic
  • #2253280

    Software Upgrades: To Do or Not To Do

    Locked

    by dr magu ·

    When an upgraded package / version of software comes out, do we upgrade? What triggered this is a Linux installation where such upgrades are (a) free and (b) highly automated through a ‘package manager’ called ‘yum’. I don’t believe we should necessarily upgrade every installed package while one of my colleagues feels decidedly different.

    Here’s what I wrote to him in an email. What does the community think?

    Upgrading Software

    Not just because Bill Gates says so …
    Not just because yum says so either …

    Reasons to upgrade:
    (1) There is a new functionality available in the upgraded software that you definitely need. This would include bug fixes if that particular bug is eating you.
    (2) There is an identified security risk with the software in operation and you are using the software in a way which exposes you to such this risk.
    (3) As part of a ‘farm’ wide or ‘enterprise’ wide upgrade program.

    Reasons NOT to upgrade:
    (1) The upgraded package may break dependencies somewhere. This is definitely a risk when the upgrade involves moving to a new major release. If it is deemed important to upgrade (see reasons above) you perform the upgrade, if practical, on only one machine. To test the waters as it were. Making sure you have an immediate fall-back should something break. Then, if it works, you do the whole farm.
    (2) Upgrading costs labor, therefore money. If something breaks, you may have downtime.
    (3) Even if it is a stand-alone package, i.e. Webmin on a Linux box, if the upgrade serves no operational need, it becomes make-work, costing money.
    (4) The package is installed but never used. One might argue that it should never have been installed, or should be removed. However, again, this is cost IMHO without benefit. Why is the thing there? Probably because it was part of a standardized load (Linux or Windows or Mac-OSX all come with such baggage). If it doesn’t create a problem it’s cheaper to leave it alone.

    I could go on. But in my experience, upgrading software on working systems should be done very judiciously. The cost is often underestimated. This is one of the reasons that a lot of large enterprises, at least through 2005, were still installing Windows 2000 on new desktops and laptops despite the availability of XP for a number of years. Reason? Experience. Especially with MS, a ‘routine’ upgrade too often resulted in systems being down – sometimes for a day or more.

    Notes:
    On dependencies: In an Enterprise environment such dependencies may be in places you don’t necessarily think about. Example with database engines: drivers loaded on other machines which may require upgrading to keep working. Applications specifically written for a version, which break with a new version. Seen it happen tooooo many times. In one case a ‘routine’ upgrade of Great Plains accounting caused Citrix remote access to fail all across the network. Major hassle to turn the clock back … having to go backups etc. “C” level management asking questions as to why … not pleasant..

All Comments

  • Author
    Replies
    • #2496172

      Update Now may force your hand

      by sentrywatch ·

      In reply to Software Upgrades: To Do or Not To Do

      Unless you have your PCs locked down, users may inadvertently drive your update cycle when they click on the “Updates are Ready for your computer” balloons that are now popping up with regularity.

      The consequences can be seen at http://www.pcprofile.com/Update_Now_Managing_Clouds_and_Moving_Goalposts.pdf

      The article also lets you know (for those that don’t) how to undo the changes form the Update using the System Restore Point technique.

      Microsoft is driving the issue very hard at present (under the cover of security/DRM) and as other software vendors follow then the issue for IT personnel will bring significant unwanted and unnecessary work overload as updates flood the market with “security” (smokescreen words apply here) “fixes”.

      The amount of ?security updates? appearing has risen rapidly over the last few months prior to the release of Vista using both IE7 and Media Player 11 and “security issues” as a smokescreen to allow them to get you to “validate your copy of Windows”.

      If you have legal copies there is no problem, but if you don’t…… then you won’t have long to wait for the crippling effects to start taking effect.

      The bottomline with Updates?

      Make sure you pick CUSTOM rather than Express so that you can check and see what is being installed BEFORE, so that you can control what is installed. Some desktop users may not be so tech savvy!

      • #2496024

        Use WSUS to Avoid This

        by billbohlen@hallmarkchannl ·

        In reply to Update Now may force your hand

        To avoid users inadvertently installing patches in a corporate environment, use a WSUS server. It’s free and pretty easy to set up.
        If you have Active Directory in place, you can use group policy to control whether users get any update notifications, and you have complete control over what updates get pushed out. We’ve even created test groups so that we can deploy patches to IT early and test them.
        If you don’t have Active Directory, you can use some kind of logon script to adjust the registry on your machines to the settings you want.

        • #2495432

          Some businesses cant handle WSUS

          by lasersteel ·

          In reply to Use WSUS to Avoid This

          I agree at larger shops WSUS is the way to go to minimize the risk, however the reality for small businesses is that they don’t have the necessary staff or IT personnel with expertise that can handle the technical aspects of setting up WSUS.

          Many have relied on the plug and play mindest promulgated and now are plug and “paying” without realising the downstream implications.

        • #2497153

          WSUS

          by siva_dj ·

          In reply to Use WSUS to Avoid This

          Can You just help me out to configure WSUS in normal windows 2003 server which has not having Active Directory .

      • #2496623

        Windows Update

        by wizard prang ·

        In reply to Update Now may force your hand

        Agreed. Having worked for years to persuade the user community that they can trust MS to update their computers automatically, MS then rolls non-security-related updates into the systems. From where I am standing this is an abuse of that trust.

        Another example is MSs shoehorning IE7 into Windows update. This may be a good thing, but some users do not want to change their browser just because MS things that it is time.

        No machine that I have authority or discretion over has Windows Update configured in “blind trust” mode… even though that requires a little more work.

        My Ubuntu box requires a little bit of thought before upgrading… but so far they have not added anything that I would object to.

    • #2496171

      ERP System Upgrade

      by townsenda ·

      In reply to Software Upgrades: To Do or Not To Do

      We have advised our client on JDE World to upgrade because of better functionality, features that have dated the older versions are now available e.g. web enablement and colour screens (for the Smith & Wesson – click and point – brigade).
      However beware of licencing implications – upgrade paths may mean switching licence calculation methods. Oracle have been good with promises of no extra costs for those who want upgrades – just continue to pay the maintenance fees.
      With ERP systems I would say that it makes no sense to remain on old releases especially with your SOX and and our IFRS requirements.
      The bottom line however is “is it fit for purpose” a concept engineers know but not IT personnel.

    • #2496026

      Upgrading versus Not

      by billbohlen@hallmarkchannl ·

      In reply to Software Upgrades: To Do or Not To Do

      We have semi-annual projects to audit all software and determine whether upgrades are necsssary. This includes assessing all of the risks vs. benefits you mentioned. We also try to assess whether switching to another vendor would provide any benefits at that time.
      One of the hidden dangers we’ve found of not upgrading is that the older your software gets, the harder it is to upgrade. In some cases even if you are only a couple of minor versions behind, the upgrade process is almost worse than simply “starting over”.
      It seems as if software manufacturers are encouraging this by coming up with new releases more often. Back in the old days, you would be lucky to see a major software update once a year. Now it seems like everyone is putting out service packs and hotfixes like it is going out of style.
      One of the hidden benefits of upgrading regularly is that it trains your IT staff on the logistics of doing it in a timely, orderly, and documented manner.

      • #2504196

        Semi Annual Review sounds good …

        by dr magu ·

        In reply to Upgrading versus Not

        As long as you recognize that as the cost of doing business. Also, my caveat stil stands that one should be very wary of sometimes undisclosed dependencies. The more specialized or ‘custom’ software you have, the greater the risk. One specialized publishing package I used to deal with was heavily integrated with QuarkXpress. When we ordered new ‘puters and an updated Quark came with them, it broke the application. We now had to find previous versions. You may argue that the vendor of the integration package should have been more on the ball, however, reality is frequently different.

        As far as upgrading as a training exercise, sure. I am all for upgrading in an orderly manner. It is the knee-jerk reaction ‘must-upgrade-now’ that I have an issue with.

    • #2495464

      LET IBM SOLVE THIS ONE FOR YOU

      by balthor ·

      In reply to Software Upgrades: To Do or Not To Do

      I could not imagine anybody but the experts installing and maintaining our factory’s machines.Let the experts install and maintain your company’s computer network.

    • #2495427

      Virtualized Applications

      by glenmy ·

      In reply to Software Upgrades: To Do or Not To Do

      Absolutely, Willy!
      It is very costly to upgrade OS’s and applications when things break unexpectedly all over the place. This is why the next “big trend” in software is likely to be virtualized applications (please excuse my “shill mode” tone). If you can take an app and bundle it with its dependencies/configuration settings, then you can be confident it won’t break when you patch the OS (even you admit that under some circumstances you have to run the upgrade). And, if you virtualize the application, you can “undo” application upgrades very painlessly when they don’t work right.
      I happen to work for Trigence, which offers virtualization for Linux & Solaris, but Microsoft liked the idea so much that they bought Softricity (which sort of does virtualization as I describe for Windows desktop apps).
      If you are going through “upgrade hell” you really should look into this.

      –Glen

    • #2497161

      compliment

      by sunnydj29 ·

      In reply to Software Upgrades: To Do or Not To Do

      it’s a wonderful article

      • #2498839

        Thank you.

        by dr magu ·

        In reply to compliment

        Glad you liked it. It is an important topic, and reasonable people can and do disagree.

Viewing 5 reply threads