
Randy Holloway at Microsoft

Blogging from the field.
More on SQL Server Auto-Updates

Frans and Paschal don't like the idea of auto-updates, and both raise legitimate concerns about the idea. Robert and I both like this idea. Discussion has ensued, and it has helped me to develop my thoughts on this subject. Let me explain a little bit more about why I like the idea of auto-updates, and how I'd like to see this implemented.

First, I agree that it is not feasible in all cases for the SQL box to connect directly to the outside and pull the updates. In situations where this wouldn't work, why not have an "agent" function that can be installed on another server, perhaps located in a DMZ, that could automatically retrieve the updates? Then at your administrator's discretion you can set up a secure conduit between your update server and the database server. Also, this feature needs to be implemented as a change management system where the updates are automatically available. Under no circumstances should you be forced to install the updates. At least not yet. We need to establish that the quality of these updates is sufficient to warrant further automation. For now, let's make sure that by default everyone has the updates and that your administrators get "bugged" by the software to install them. That would let Microsoft help you to be aware of the potential issues that may arise from not updating your servers in a timely fashion, without having an undue influence on your production environment.

Over time, I could see licensing evolving in such a way that you could not keep a system up and running that wasn't properly secured or updated. Perhaps the automation would be in place so that you would have no choice (I know this is the idea that people strongly resist, and understandably so). This kind of scenario might be appropriate in a subscription-based licensing model, and that's where we're heading based on the current trends in the industry. For now, let's try to get the software distribution functions automated and let's give people a useful change management system to help them keep their environment secure. I think this concept, if implemented correctly, would greatly enhance the perception of Microsoft's commitment to security and reliability in their software.

Posted: Sunday, August 24, 2003 10:34 AM by RandyHolloway

Comments

Mike Gunderloy said:

If Microsoft would add SQL Server patches to the list that it works from, we already have precisely that system today in Software Update Services.
# August 24, 2003 11:41 AM

Robert McLaws said:

Agreed.
# August 24, 2003 2:24 PM

Randy Holloway said:

Here is the link that Mike is referring to. Surprisingly, I had never heard of this prior to today. Thanks Mike.
# August 24, 2003 5:19 PM

Paul Wilson said:

Just a related note, many regulated industries simply cannot legally install any update, no matter how needed it is, without reams of documentation on the testing that was done for that specific system. Many still run very old systems, in some cases no longer officially supported by the vendor, because of the near impossibility of passing the regulatory requirements.

I'm a strong believer that consumer systems should auto-update by default. Corporate systems and servers should at least make it easy to turn on or off the auto-update feature depending on what the default is, but there is no way it can be required. As much as I would like it to be required for consumers, I doubt that will ever fly legally either, but having it be the default should be doable.
# August 24, 2003 9:18 PM

Paschal said:

Randy, I agree with Paul.

I think Robert and you missed one big issue, the content of the update process.
What if Microsoft read the data through the update on the SQL box? I know it's laughable, like the all-evil conspiracy, but why not?
Other issue, about hackers. What's going to happen if a hacker breaks the code to update SQL Server automatically? He will be in heaven, no need to go through the web server, but directly at the source, like a huge supermarket, full of credit card details and other lovely confidential data.
No, the way I do my updates for the moment, regarding SQL, is to patch a 'dummy' SQL box with the patch from a floppy or CD, and after reading the details of the readme, and if I am satisfied with the test results, I'll do so on the SQL live box.
Whatsoever, what is the most important thing for a company? Not the software but the data, so if MS wants to do an automatic patch, OK, but I still want to turn it off.
# August 25, 2003 3:39 AM

Blair Stephenson said:

We generally test all our new software. Especially patches from Microsoft.

For example, we just had some of our production systems fail due to Microsoft patches, like last week. We didn't do testing.

So people are suggesting automatic updates. It might be somewhat OK for front line web servers, but never backend SQL production machines.

Unless Microsoft can achieve 100% no fail rate then maybe. But no one can do that, can they?
# August 25, 2003 5:32 AM
