Storage Components – Application Management – SOA-C02 Study Guide

Storage Components

A storage component is the underlying device where the data is stored. This can include a magnetic hard drive, a solid-state drive, or a tape device. In terms of patching, the devices themselves may require occasional firmware updates (see the next section on firmware). Additionally, the software used by an operating system to access the storage device (called a device driver) might also need to be patched occasionally.

Firmware

Firmware is software that is designed to provide control over device hardware. In a public cloud, customers rarely have any control over the firmware that is being utilized by the physical hardware (exceptions can include when a customer leases the entire physical system for their use). As a result, the patching of firmware in a public cloud is almost always fully in the scope of the cloud vendor.

In a private cloud environment, where the control of the physical systems is in the hands of the organization using the private cloud, firmware is the responsibility of the organization.

Software

The terms application and software are often mistakenly used interchangeably, but these terms are not synonymous. An application is a type of software, but software encompasses all types of code that is executed on a system. Often to distinguish between application software and other types of software, the term systems software is used.

In the terms of the scope of software patching in a cloud environment, systems software and application software are similar. The biggest difference is that application software is more often SaaS and the patching falls under the responsibility of the cloud vendor or the application developer. Systems software is more often not SaaS and is therefore the responsibility of the cloud customer to ensure the software is properly patched.

Policies

Just because a patch is released doesn’t mean that it should be immediately applied. Patches are often temporary fixes and may cause more problems than they fix. Some patches are also minor and unnecessary, at least in terms of the business goals of your organization.

Your organization should have policies on which patches to apply and how they should be applied. For example, you might have a policy that patches are first deployed in a testing environment and tests are performed before releasing in a development environment.

You should also consider which versions of software you wish to deploy. Some organizations opt to have the latest version installed, whereas others tend to stay one version behind. See the next section on N-1 for more details.

N-1

For the term N-1, N refers to the most recent stable release of software, and N-1 refers to the previous most recent stable release of the software. There are advantages and disadvantages to always upgrading to the latest release versus staying one release behind the most current release, including

Features: The N release typically has newer features that the N-1 release does not.

Compatibility: The N-1 release tends to be more compatible with other existing or older software, whereas the N release might work better if you have updated to other related software.

Security: The N-1 release tends to require less security patching than the N release because the code is more mature and more of the bugs have been worked out.