Now Available:

Featured Resource:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Greg.

« Its Official: Longhorn is Windows Server 2008 | Main | Tuesday "Just for Fun": Ether-eal vs. E-ther-eal »

Cisco Unity Servers Should Not Allow Microsoft Automatic Updates?

I was having a conversation with Brad Beaber, one of the Senior Network Engineers for my company, 3t Systems, earlier today and we were having a conversation about Microsoft patches on Cisco Unity servers.

A Cisco Unity server ties into a Microsoft Exchange infrastructure to provide Unified Communication (voice mail, etc) capabilities for the organization when used in conjunction with Cisco phone hardware.

One comment Brad made that peaked my concern was related to Microsoft patches. According to Brad, Cisco servers should not have Automatic Updates enabled. Instead, these servers have their own patching engine that talks not to Microsoft, but to Cisco for Microsoft patches.

Cisco is ponying up to quality Microsoft patches for their servers? Sounds like a tall order to me. According to Brad...

For Unity, Cisco doesn't modify the patches from Microsoft. They usually test and publish the approved patches for download. They recommend turning off auto updates so you only apply tested updates.

For Exchange they say to keep the service pack level the same, the Exchange management tools are also on the Unity server. They also supply a headless CSA agent for their Unity and Call Manager servers which locks them down.

For Call Manager they roll up their approved patches into a single executable that updates the OS. They track the OS versions differently because there is some compatability to versions of Call Manager. They will have versions like 2000.2.7, 2000.4.4a, etc. The hardware platforms are also controlled so they roll out drivers and bios updates for the approved or rebranded HP and IBM servers.

Unity servers are part of a domain or their own domain if you are not using unified messaging since exchange is the message store for the voice mail.

What do you think about this practice? I've seen this before with other companies, trying to "control the message" with patching to prevent any conflicts with their products. Is this a good idea? I have my concerns, but I'd love to hear yours...

Tags:          
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Greg Shields on May 14, 2007 12:30 AM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-windowsserver.com/type/mt-tb.cgi/125

Comments

Hi

Very interesting information! Thanks!

G'night

Posted by: hiutopor | September 21, 2007 3:33 AM

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Greg Shields' Bio:

Greg Shields, is an independent author, instructor, and IT consultant based in Denver, Colorado, and a co-founder of Concentrated Technology. With nearly 15 years of experience in information technology, Greg has developed extensive experience in systems administration, engineering, and architecture specializing in Microsoft systems management, remote application, and virtualization technologies. Greg is a Contributing Editor for Redmond Magazine, MCPmag.com, and Virtualization Review Magazine and is the author of five books, including Windows Server 2008:  What’s New / What’s Changed. Greg is also a highly sought-after instructor and speaker, speaking regularly at conferences like TechMentor Events, and producing computer-based training curriculum for CBT Nuggets.  Greg is a recipient of Microsoft "Most Valuable Professional" award with a specialization in Windows Terminal Services.