I Often get questions around how best to install Exchange updates or service packs. This Blog Post attempts to answer that Question.
To start with, I recommend having a Patch management Policy. A Good Patch management policy document should have the following listed:
1. How often should the updates / service pack be installed. ( e.g. Service Pack - once every quarter / critical updates - ASAP)
2. Applications which would possibly have a dependency on the Patch / Service pack. ( BB, Backup, antivirus , archiving, other 3rd party products ).
These 3rd party products should be tested for any dependencies on the Update / Service pack.
3. Sequence of server roles to install the Patches on.
Internet facing servers / sites should patched first
Non-internet facing should be after all internet facing sites are updated.
4. AV should be disabled for the time of installation.
5. StartDagServerMaintenance.ps1 before install & StopDagServerMaintenance.ps1 after success to disable replication & re-enable it after SP installation is complete
Additional Reading : http://technet.microsoft.com/en-us/library/bb629560.aspx
6. The Servers must be re-started if the installation of an update / Service pack prompts for a restart.
7. Tests which need to performed to validate services are up & running as expected.
8. Tests which need to be performed to validate the Updates / Service Pack is installed correctly.