The gilt comes off virtualisation €“ or does it?

Share

Virtualisation has been a no brainer – until now. The stupid blunder by VMware in leaving a “time bomb” in the code of its latest upgrade should give us all pause for thought.

Poor business processes meant that code which time limits the beta release was left in the latest upgrade to VMware. The result was that around the world new virtual machines could not be started from 12 August.

CEO Paul Maritz’ efforts to placate angry users beg as many questions as they answer. The obvious, an easy question to ask, is why the processes at VMware were so sloppy?

The second, and more difficult question, should be asked of the IT departments that were affected by problem – that is, are properly testing their virtual machine installations and their patches before they go into production?

Patch management has always been an issue for IT departments – whether it is for operating systems or applications. The same should be true for virtualisation products.

Perhaps we have let our standards slip. Perhaps the drive by the software suppliers, led by Microsoft, to bundle up patches and encourage installation either automatically, or with a minimum of testing, has meant a shift away from best practice.

It would be churlish to blame the software suppliers for rationalising the delivery of updates and patches. They were responding to demands from IT departments for predictability in their workloads and also trying to bring some supply side order to the escalating IT security war.

IT departments like to know when they will have to install upgrades. They want to plan their work schedule. They don’t want to be vulnerable to zero day attacks, so they do as they are told and cut out the testing and accept the patches.

If this is most evident with Microsoft’s Patch Tuesday – and wasn’t this week’s patch a monster ¬ it is increasingly true for other software and systems.

Perhaps it is time to assert some traditional values and stop taking a vendor’s word on the patch being safe. Test before you implement. Check your testing regime is up to snuff. You know it makes sense.

 
#renderView(view="/XSiteincludes/coldbox-views/tracking/twitter", args={ident="nvk5o"})# #renderView(view="/XSiteincludes/coldbox-views/tracking/linkedin", args={id="116509"})#