WEBVTT 1 00:00:00.000 --> 00:00:01.380 In this lesson, 2 00:00:01.380 --> 00:00:04.380 we will learn about update management. 3 00:00:04.380 --> 00:00:07.650 Update management is the process of ensuring 4 00:00:07.650 --> 00:00:10.050 that all components of a system, 5 00:00:10.050 --> 00:00:13.320 including firmware, system images, 6 00:00:13.320 --> 00:00:17.610 hypervisors, operating systems, and software 7 00:00:17.610 --> 00:00:20.850 are regularly updated and patched. 8 00:00:20.850 --> 00:00:24.270 Firmware updates address the embedded software 9 00:00:24.270 --> 00:00:26.370 in hardware devices. 10 00:00:26.370 --> 00:00:30.510 Next, updating system images and hypervisors 11 00:00:30.510 --> 00:00:32.520 helps maintain the integrity 12 00:00:32.520 --> 00:00:35.580 and security of virtual environments. 13 00:00:35.580 --> 00:00:39.480 Finally, operating system and software updates 14 00:00:39.480 --> 00:00:43.140 ensure that all applications and operating systems 15 00:00:43.140 --> 00:00:46.620 are protected against known vulnerabilities, 16 00:00:46.620 --> 00:00:49.080 reducing the attack surface. 17 00:00:49.080 --> 00:00:51.240 Let's learn more about updating 18 00:00:51.240 --> 00:00:54.150 and patching firmware, system images, 19 00:00:54.150 --> 00:00:58.500 hypervisors, operating systems, and software. 20 00:00:58.500 --> 00:01:00.600 First, we have firmware. 21 00:01:00.600 --> 00:01:04.440 Firmware is embedded software in hardware devices 22 00:01:04.440 --> 00:01:07.170 that serves as the foundational code 23 00:01:07.170 --> 00:01:10.470 that controls and facilitates communication 24 00:01:10.470 --> 00:01:14.790 between hardware components and the operating system. 25 00:01:14.790 --> 00:01:16.560 Keeping firmware updated 26 00:01:16.560 --> 00:01:19.350 is critical to maintaining security, 27 00:01:19.350 --> 00:01:21.990 stability, and performance 28 00:01:21.990 --> 00:01:26.670 as it often includes fixes for vulnerabilities or bugs 29 00:01:26.670 --> 00:01:29.400 found after initial deployment. 30 00:01:29.400 --> 00:01:32.340 Firmware updates are particularly important 31 00:01:32.340 --> 00:01:35.400 in network equipment, storage devices, 32 00:01:35.400 --> 00:01:38.790 and internet of things or IoT systems 33 00:01:38.790 --> 00:01:41.520 where vulnerabilities could expose systems 34 00:01:41.520 --> 00:01:44.340 to significant security risks. 35 00:01:44.340 --> 00:01:47.850 Dell Command Update is an example of a tool 36 00:01:47.850 --> 00:01:51.990 that automates firmware updates for many Dell devices, 37 00:01:51.990 --> 00:01:54.660 helping to streamline this process. 38 00:01:54.660 --> 00:01:57.240 But it is important to understand 39 00:01:57.240 --> 00:02:00.090 that unlike operating system updates, 40 00:02:00.090 --> 00:02:03.570 firmware updates are often not automatic 41 00:02:03.570 --> 00:02:06.390 and typically requires separate management, 42 00:02:06.390 --> 00:02:08.940 meaning they need to be manually initiated 43 00:02:08.940 --> 00:02:12.090 or configured through dedicated tools. 44 00:02:12.090 --> 00:02:17.070 Also, firmware updates are not part of a regular OS update, 45 00:02:17.070 --> 00:02:18.840 so they can be overlooked 46 00:02:18.840 --> 00:02:22.260 if administrators do not specifically look for them. 47 00:02:22.260 --> 00:02:24.390 Poor firmware update management 48 00:02:24.390 --> 00:02:28.140 can expose an organization to various risks, 49 00:02:28.140 --> 00:02:32.490 such as unauthorized access to hardware level functions 50 00:02:32.490 --> 00:02:36.810 or a system compromise through unpatched vulnerabilities. 51 00:02:36.810 --> 00:02:40.020 Failing to update firmware regularly 52 00:02:40.020 --> 00:02:42.480 can also lead to performance issues 53 00:02:42.480 --> 00:02:45.930 and incompatibility with newer software, 54 00:02:45.930 --> 00:02:50.700 affecting the overall productivity of the organization. 55 00:02:50.700 --> 00:02:52.200 In critical systems, 56 00:02:52.200 --> 00:02:56.310 firmware updates can even lead to hardware failures, 57 00:02:56.310 --> 00:02:59.430 so timely and consistent firmware updates 58 00:02:59.430 --> 00:03:01.920 are important for maintaining secure 59 00:03:01.920 --> 00:03:04.590 and efficient operations. 60 00:03:04.590 --> 00:03:07.590 Second, we have system images. 61 00:03:07.590 --> 00:03:10.710 System images are comprehensive backups 62 00:03:10.710 --> 00:03:13.350 of fully configured operating systems 63 00:03:13.350 --> 00:03:15.810 or application environments, 64 00:03:15.810 --> 00:03:18.600 capturing the entire system state, 65 00:03:18.600 --> 00:03:23.160 including the operating system, applications, settings, 66 00:03:23.160 --> 00:03:26.730 and files at a specific point in time. 67 00:03:26.730 --> 00:03:29.580 System images streamline deployment 68 00:03:29.580 --> 00:03:33.330 by providing a consistent baseline configuration 69 00:03:33.330 --> 00:03:37.620 across deployed devices created from the image. 70 00:03:37.620 --> 00:03:40.860 By regularly updating and patching images, 71 00:03:40.860 --> 00:03:43.710 organizations ensure that each deployment 72 00:03:43.710 --> 00:03:46.530 includes the latest security patches, 73 00:03:46.530 --> 00:03:50.160 configurations, and software updates. 74 00:03:50.160 --> 00:03:51.870 Image management tools 75 00:03:51.870 --> 00:03:56.280 such as Microsoft's System Center Configuration Manager, 76 00:03:56.280 --> 00:03:58.320 or SCCM, 77 00:03:58.320 --> 00:04:02.580 and VMware's vSphere for virtual machine templates 78 00:04:02.580 --> 00:04:05.220 allow administrators to create, 79 00:04:05.220 --> 00:04:08.850 store, and update images efficiently. 80 00:04:08.850 --> 00:04:13.140 Without effective update management for system images, 81 00:04:13.140 --> 00:04:16.920 organizations face risks like deploying outdated 82 00:04:16.920 --> 00:04:19.200 and vulnerable configurations, 83 00:04:19.200 --> 00:04:21.420 which could expose systems 84 00:04:21.420 --> 00:04:24.600 to malware and unauthorized access. 85 00:04:24.600 --> 00:04:29.250 For instance, a workstation deployed from an outdated image 86 00:04:29.250 --> 00:04:32.400 might lack the latest security patches, 87 00:04:32.400 --> 00:04:34.620 leaving it susceptible to attacks 88 00:04:34.620 --> 00:04:37.590 that exploit known vulnerabilities. 89 00:04:37.590 --> 00:04:41.700 When multiple systems are deployed from outdated images, 90 00:04:41.700 --> 00:04:45.180 these vulnerabilities multiply across the network, 91 00:04:45.180 --> 00:04:48.600 increasing the likelihood of security incidents. 92 00:04:48.600 --> 00:04:52.440 So maintaining up-to-date system images 93 00:04:52.440 --> 00:04:55.410 ensures consistency, security, 94 00:04:55.410 --> 00:04:58.290 and efficiency across deployments. 95 00:04:58.290 --> 00:05:01.050 Third, we have hypervisors. 96 00:05:01.050 --> 00:05:04.020 Hypervisors, which enable virtualization 97 00:05:04.020 --> 00:05:07.470 by hosting virtual machines or VMs, 98 00:05:07.470 --> 00:05:11.010 play a crucial role in managing virtual environments 99 00:05:11.010 --> 00:05:13.440 and isolating resources. 100 00:05:13.440 --> 00:05:17.070 Hypervisors themselves require frequent patching 101 00:05:17.070 --> 00:05:19.740 to address security vulnerabilities 102 00:05:19.740 --> 00:05:23.790 and ensure compatibility and performance improvements 103 00:05:23.790 --> 00:05:27.000 across the entire virtual infrastructure. 104 00:05:27.000 --> 00:05:29.940 Tools like VMware vCenter 105 00:05:29.940 --> 00:05:32.580 and Microsoft Hyper-V Manager 106 00:05:32.580 --> 00:05:37.080 provide centralized management for hypervisor updates, 107 00:05:37.080 --> 00:05:39.390 allowing IT administrators 108 00:05:39.390 --> 00:05:42.870 to apply patches directly to the hypervisor 109 00:05:42.870 --> 00:05:46.500 with minimal impact on the individual VMs 110 00:05:46.500 --> 00:05:48.780 running in the hypervisor. 111 00:05:48.780 --> 00:05:52.920 So staying up to date with hypervisor patches 112 00:05:52.920 --> 00:05:55.350 strengthens the security and stability 113 00:05:55.350 --> 00:05:58.020 of the entire virtual environment, 114 00:05:58.020 --> 00:06:01.620 ensuring that resources are efficiently managed 115 00:06:01.620 --> 00:06:06.000 and that the system remains resilient to potential threats. 116 00:06:06.000 --> 00:06:09.510 If hypervisors are not regularly updated, 117 00:06:09.510 --> 00:06:12.600 they can become a significant vulnerability 118 00:06:12.600 --> 00:06:15.570 within an organization's infrastructure. 119 00:06:15.570 --> 00:06:18.990 An unpatched hypervisor could allow attackers 120 00:06:18.990 --> 00:06:21.390 to escape from one VM 121 00:06:21.390 --> 00:06:23.490 and gain access to others 122 00:06:23.490 --> 00:06:26.610 or even to the host system itself. 123 00:06:26.610 --> 00:06:29.610 This type of virtual machine escape 124 00:06:29.610 --> 00:06:32.250 is a significant security risk, 125 00:06:32.250 --> 00:06:36.990 particularly in environments with multiple sensitive VMs 126 00:06:36.990 --> 00:06:39.900 hosted on the same infrastructure. 127 00:06:39.900 --> 00:06:43.920 In this way, poor hypervisor update management 128 00:06:43.920 --> 00:06:46.740 can lead to severe security breaches, 129 00:06:46.740 --> 00:06:50.640 data loss, or service interruptions. 130 00:06:50.640 --> 00:06:53.910 Fourth, we have operating systems. 131 00:06:53.910 --> 00:06:56.610 Operating systems, or OSs, 132 00:06:56.610 --> 00:07:00.300 form the backbone of any computing environment, 133 00:07:00.300 --> 00:07:04.050 coordinating hardware and software interactions. 134 00:07:04.050 --> 00:07:06.810 Regular OS updates are essential 135 00:07:06.810 --> 00:07:09.570 for protecting against vulnerabilities, 136 00:07:09.570 --> 00:07:11.910 improving system stability 137 00:07:11.910 --> 00:07:13.740 and ensuring compatibility 138 00:07:13.740 --> 00:07:16.890 with new applications and hardware. 139 00:07:16.890 --> 00:07:20.880 Tools like the Windows Update for Windows systems, 140 00:07:20.880 --> 00:07:24.690 YUM and APT for Linux distributions, 141 00:07:24.690 --> 00:07:28.260 and Apple's Software Update for macOS 142 00:07:28.260 --> 00:07:29.940 provide automated ways 143 00:07:29.940 --> 00:07:33.900 to manage OS updates across endpoints. 144 00:07:33.900 --> 00:07:35.640 For large environments, 145 00:07:35.640 --> 00:07:38.850 tools like Microsoft SCCM 146 00:07:38.850 --> 00:07:42.870 enable centralized operating system patch management, 147 00:07:42.870 --> 00:07:46.710 making it easier to ensure that all IT systems 148 00:07:46.710 --> 00:07:49.740 receive critical updates promptly. 149 00:07:49.740 --> 00:07:52.410 Failure to update operating systems 150 00:07:52.410 --> 00:07:56.640 can expose organizations to severe security risks 151 00:07:56.640 --> 00:08:00.270 as attackers often target known vulnerabilities 152 00:08:00.270 --> 00:08:02.970 in outdated OS versions. 153 00:08:02.970 --> 00:08:07.800 So an unpatched OS may be susceptible to malware, 154 00:08:07.800 --> 00:08:10.200 ransomware, or other exploits 155 00:08:10.200 --> 00:08:14.820 that compromise data security and disrupt operations. 156 00:08:14.820 --> 00:08:18.120 Additionally, outdated operating systems 157 00:08:18.120 --> 00:08:22.320 can lead to compatibility issues with newer software, 158 00:08:22.320 --> 00:08:24.930 resulting in decreased productivity 159 00:08:24.930 --> 00:08:27.570 and increased support costs. 160 00:08:27.570 --> 00:08:30.420 By keeping operating systems updated, 161 00:08:30.420 --> 00:08:34.860 organizations can safeguard their systems from known threats 162 00:08:34.860 --> 00:08:39.240 and ensure a reliable and stable user environment. 163 00:08:39.240 --> 00:08:42.690 Fifth and finally, we have software. 164 00:08:42.690 --> 00:08:46.620 Software, including applications and utilities, 165 00:08:46.620 --> 00:08:50.460 requires regular updates to remain secure, 166 00:08:50.460 --> 00:08:54.360 functional, and compatible with system components. 167 00:08:54.360 --> 00:08:58.140 Software often provide security patches, 168 00:08:58.140 --> 00:09:01.410 performance improvements, and new features, 169 00:09:01.410 --> 00:09:04.350 making their management across all systems 170 00:09:04.350 --> 00:09:08.310 important to an organization's security posture. 171 00:09:08.310 --> 00:09:12.180 However, software updates do not come packaged 172 00:09:12.180 --> 00:09:15.540 with operating system or firmware updates, 173 00:09:15.540 --> 00:09:18.630 so they need to be handled separately. 174 00:09:18.630 --> 00:09:21.210 Effective software update management 175 00:09:21.210 --> 00:09:25.740 ensures applications stay protected against exploits 176 00:09:25.740 --> 00:09:28.470 and continue to operate reliably 177 00:09:28.470 --> 00:09:31.320 within the broader system environment. 178 00:09:31.320 --> 00:09:33.600 Poor software update management 179 00:09:33.600 --> 00:09:38.130 can leave applications vulnerable to known security flaws, 180 00:09:38.130 --> 00:09:42.810 providing attackers with entry points to systems and data. 181 00:09:42.810 --> 00:09:44.520 If critical applications 182 00:09:44.520 --> 00:09:47.490 like web browsers or productivity software 183 00:09:47.490 --> 00:09:49.890 are not regularly updated, 184 00:09:49.890 --> 00:09:52.650 they could expose sensitive information, 185 00:09:52.650 --> 00:09:54.210 cause data loss, 186 00:09:54.210 --> 00:09:57.420 or lead to compromised user accounts. 187 00:09:57.420 --> 00:10:01.740 Furthermore, outdated software can reduce productivity 188 00:10:01.740 --> 00:10:04.050 and cause compatibility issues 189 00:10:04.050 --> 00:10:06.750 with other updated components, 190 00:10:06.750 --> 00:10:11.010 resulting in inefficiencies across the organization. 191 00:10:11.010 --> 00:10:14.550 So by prioritizing software updates, 192 00:10:14.550 --> 00:10:17.280 organizations can maintain security, 193 00:10:17.280 --> 00:10:20.580 efficiency, and user satisfaction. 194 00:10:20.580 --> 00:10:22.980 So remember, 195 00:10:22.980 --> 00:10:25.920 update management is the ongoing process 196 00:10:25.920 --> 00:10:28.470 of keeping all system components 197 00:10:28.470 --> 00:10:32.430 like firmware, system images, hypervisors, 198 00:10:32.430 --> 00:10:35.130 operating systems, and software 199 00:10:35.130 --> 00:10:37.650 up to date and secure. 200 00:10:37.650 --> 00:10:41.430 Firmware updates maintain security in hardware 201 00:10:41.430 --> 00:10:43.290 by addressing vulnerabilities 202 00:10:43.290 --> 00:10:47.160 that can expose systems to serious risks. 203 00:10:47.160 --> 00:10:48.990 Updating system images 204 00:10:48.990 --> 00:10:52.620 ensures that every deployment starts from a secure, 205 00:10:52.620 --> 00:10:55.440 consistent baseline configuration, 206 00:10:55.440 --> 00:10:58.080 reducing the risk of outdated 207 00:10:58.080 --> 00:11:01.470 or vulnerable software in new deployments. 208 00:11:01.470 --> 00:11:04.560 Next, regular updates to hypervisors, 209 00:11:04.560 --> 00:11:06.900 which manage virtual environments, 210 00:11:06.900 --> 00:11:08.610 prevent security threats 211 00:11:08.610 --> 00:11:11.430 from reaching the virtual infrastructure. 212 00:11:11.430 --> 00:11:14.070 Then operating system updates 213 00:11:14.070 --> 00:11:17.700 are used to protect systems against vulnerabilities, 214 00:11:17.700 --> 00:11:22.260 improve stability, and support new applications or hardware. 215 00:11:22.260 --> 00:11:23.730 While software updates 216 00:11:23.730 --> 00:11:26.220 handled separately from operating system 217 00:11:26.220 --> 00:11:27.720 and firmware updates, 218 00:11:27.720 --> 00:11:31.830 secure individual applications against exploits 219 00:11:31.830 --> 00:11:35.640 and ensure they work well within the system environment. 220 00:11:35.640 --> 00:11:38.790 Together, all of these update practices 221 00:11:38.790 --> 00:11:41.700 ensure that the organization's systems 222 00:11:41.700 --> 00:11:43.980 are protected from known threats 223 00:11:43.980 --> 00:11:47.853 and that they operate efficiently and reliably.