Keeping your environment secure with Update Management

The Azure Update Management service is included as part of an Azure Subscription. Update management allows you to manage updates and patches for your machines. With Update management, you can quickly assess the status of available updates, schedule installation of required updates, and review deployment results to verify updates that apply successfully. This is possible whether your machines are Azure VMs, hosted by other cloud providers, or on premise.

To use Update Management, you will need to take care of a few prerequisites. If you already have an Azure VM, this process is simple:

Navigate to your VM and choose Update management from the left-hand menu.

1_overview

Click the banner that says, "The Update management solution is not enabled on this virtual machine". Click there to learn more and enable.

On the next screen, click the Enable button. This creates a log analytics workspace and Automation account using default values. If you have an existing workspace or Automation account, you can choose those as well.

2_configure

Once this is completed, you will see the Update Management view. Although it will take some time for data to populate, this view will give you information about a single VM. There is also a multi-machine view which you can access by clicking Manage multiple computers

3_multi

You can easily add more machines from this view by selecting either Add Azure VM or Add Non-Azure Computer.

4_multi (1)

Get visibility into your Update Compliance with Update Management

By enrolling machines in Update Management, you have access to dashboards reporting on the state of your machines. This is possible whether your machines are Azure VMs, AWS VMs, other cloud providers, or on premise.

Deploy Security Updates

To deploy patches to machines, select Schedule update deployment from the multi-machine view.

 

This shows a new blade.

6_deploy

In this blade, you can select computers which should receive updates. If you wish, you can filter Update classifications to only apply security updates. The update run can be scheduled to run once or on a recurring basis. The maintenance window defines how long the update process can run on the machine.

For more information, please see Schedule an Update Deployment and the Update Management tutorial

Source: Azure Blog Feed

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.