Now Available:

Featured Resources:

Newsletter

Email Address:

Subscribe





Ask the Expert

Have a question for our resident expert? .

Realtime Communities

Messaging and Web Security


Unified Communications


IT Compliance


Vista


« Its Official: Longhorn is Windows Server 2008 | Main | Microsoft and Packeteer Announce Windows-based Branch Office Solution »

Cisco Unity Servers Should Not Allow Microsoft Automatic Updates?

I was having a conversation with Brad Beaber, one of the Senior Network Engineers for my company, 3t Systems, earlier today and we were having a conversation about Microsoft patches on Cisco Unity servers.

A Cisco Unity server ties into a Microsoft Exchange infrastructure to provide Unified Communication (voice mail, etc) capabilities for the organization when used in conjunction with Cisco phone hardware.

One comment Brad made that peaked my concern was related to Microsoft patches. According to Brad, Cisco servers should not have Automatic Updates enabled. Instead, these servers have their own patching engine that talks not to Microsoft, but to Cisco for Microsoft patches.

Cisco is ponying up to quality Microsoft patches for their servers? Sounds like a tall order to me. According to Brad...

For Unity, Cisco doesn't modify the patches from Microsoft. They usually test and publish the approved patches for download. They recommend turning off auto updates so you only apply tested updates.

For Exchange they say to keep the service pack level the same, the Exchange management tools are also on the Unity server. They also supply a headless CSA agent for their Unity and Call Manager servers which locks them down.

For Call Manager they roll up their approved patches into a single executable that updates the OS. They track the OS versions differently because there is some compatability to versions of Call Manager. They will have versions like 2000.2.7, 2000.4.4a, etc. The hardware platforms are also controlled so they roll out drivers and bios updates for the approved or rebranded HP and IBM servers.

Unity servers are part of a domain or their own domain if you are not using unified messaging since exchange is the message store for the voice mail.

What do you think about this practice? I've seen this before with other companies, trying to "control the message" with patching to prevent any conflicts with their products. Is this a good idea? I have my concerns, but I'd love to hear yours...

Tags: cisco  cisco unity  microsoft     

Posted by Greg Shields on May 14, 2007 12:30 AM |

TrackBack

TrackBack URL for this entry:
https://realtime-windowsserver.com/type/mt-tb.cgi/125

Search

Most Active Posts

Library Resources

Recent Posts

Categories

Greg Shields' Bio:

Greg Shields is a Principal Consultant with 3t Systems in Denver, Colorado. With more than 10 years of experience in information technology, Greg has developed extensive experience in systems administration, engineering, and architecture specializing in Microsoft, Citrix, and VMware technologies. Greg is a Contributing Editor for both Redmond Magazine and Microsoft Certified Professional Magazine, authoring two regular columns along with numerous feature articles, webcasts, and white papers. He is known for his abilities to relate highly technical concepts with a drive towards fulfilling business needs. Greg is also a highly sought-after instructor and speaker, teaching system and network troubleshooting curriculum for TechMentor Events, a twice-annual IT conference, and producing computer-based training curriculum for CBT Nuggets on numerous topics. Greg is a triple Microsoft Certified Systems Engineer (MCSE) with security specialization and a Certified Citrix Enterprise Administrator (CCEA).