(RDS) Tip of the Day: Keeping your environment secure with Update Management

Today's tip...

The Azure Update Management service is included as part of an Azure subscription. Update Management allows you to manage updates and patches for your machines. With Update Management, you can quickly assess the status of available updates, schedule installation of required updates, and review deployment results to verify that updates were applied successfully. This is possible whether your machines are Azure VMs, hosted by other cloud providers, or on premises.

 

Enable Update Management

  • Navigate to your VM and choose Update management from the left-hand menu.
  • Click the banner that says "The 'Update management' solution is not enabled on this virtual machine" to learn more and enable it.

  • On the next screen, click the Enable button. This creates a Log Analytics workspace and Automation account using default values. If you have an existing workspace or Automation account, you can choose those as well.

  • Once this is completed, you will see the Update Management view. Although it will take some time for data to populate, this view will give you information about a single VM. There is also a multi-machine view, which you can access by clicking Manage multiple computers.

  • You can easily add more machines from this view by selecting either Add Azure VM or Add Non-Azure Computer.

Get visibility into your Update Compliance with Update Management

  • By enrolling machines in Update Management, you have access to dashboards reporting on the state of your machines. This is possible whether your machines are Azure VMs, AWS VMs, hosted by other cloud providers, or on premises.

Deploy Security Updates

  • To deploy patches to machines, select Schedule update deployment from the multi-machine view.

  • In this blade, you can select computers which should receive updates. If you wish, you can filter Update classifications to only apply security updates. The update run can be scheduled to run once or on a recurring basis. The maintenance window defines how long the update process can run on the machine.
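
The same deployment can also be scripted with the Az.Automation PowerShell module. This is an added example, not part of the original tip; the resource group, Automation account, schedule name, VM resource ID, start time and two-hour maintenance window are all placeholder assumptions.

```powershell
# Added example: scripted equivalent of "Schedule update deployment".
# Requires the Az.Automation module and a signed-in session (Connect-AzAccount).
# Every name and ID below is a placeholder, not a value from the tip.
$resourceGroup     = 'rg-rds-example'
$automationAccount = 'aa-update-example'

# Machines that should receive updates, as full Azure resource IDs.
# They must already be enabled for Update Management in this Automation account.
$targetVMs = @(
    '/subscriptions/<subscription-id>/resourceGroups/rg-rds-example/providers/Microsoft.Compute/virtualMachines/<vm-name>'
)

# Recurring schedule: weekly on Saturday, first eligible from tomorrow 02:00 local time.
$startTime = (Get-Date).Date.AddDays(1).AddHours(2)
$schedule = New-AzAutomationSchedule `
    -ResourceGroupName $resourceGroup `
    -AutomationAccountName $automationAccount `
    -Name 'weekly-security-updates' `
    -StartTime $startTime `
    -DaysOfWeek Saturday `
    -WeekInterval 1 `
    -ForUpdateConfiguration

# Maintenance window: how long the update process may run on each machine.
$maintenanceWindow = New-TimeSpan -Hours 2

# Update classification filter set to Security only, as described above.
New-AzAutomationSoftwareUpdateConfiguration `
    -ResourceGroupName $resourceGroup `
    -AutomationAccountName $automationAccount `
    -Schedule $schedule `
    -Windows `
    -AzureVMResourceId $targetVMs `
    -IncludedUpdateClassification Security `
    -Duration $maintenanceWindow

# After a run has completed, list the update runs to review deployment results.
Get-AzAutomationSoftwareUpdateRun `
    -ResourceGroupName $resourceGroup `
    -AutomationAccountName $automationAccount
```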
