AppDNA Patch Impact Analysis
Patch Tuesday has always been the thorn in an IT admin’s side, potentially introducing risk into your end user compute environment. Many times we have seen the impact of a Microsoft patch that has either resulted in substandard performance or worse, an application that frequently crashes your users’ VDI or XenApp servers. Historically, the best way to mitigate this risk was to select a subset of users and perform UAT testing in the ‘hope’ that any faults will be detected prior to production rollout. This can effectively mean you are looking for a needle in a haystack as you are unsure which components the Microsoft patch impacts and furthermore, potentially assigning the wrong testing resources for the potential applications affected.
Citrix AppDNA attempts to address these issues by identifying the surface area of a patch(es) on your application portfolio. This type of assessment is a new feature introduced in AppDNA 7.8 in the form of an AppDNA solution. This process relies on the fact that you have imported all your applications into AppDNA to perform the assessment.
Importantly, this process does not tell you what the patch does or its criticality, but rather which application ‘might’ be affected by the patch(es). With this understanding, we can then assess the potential impact to the application portfolio, and devise a specific test strategy reducing the amount of testing time and crucially, spending more time of those applications that are more likely to be affected.
The following screenshot illustrates five Windows 10 patches that were assessed and provides a high level overview of the potential impact.
As we can see, two patches do not directly impact our applications; three patches however may impact applications in our portfolio. By clicking on the report name, we can drill down into the report to assess the surface area of the patch.
Within this report, we can clearly see which applications have been flagged as a risk and which have not. By selecting the application, we can drill down further into which specific DLLs or drivers may potentially cause problems.
The information gleamed out this process provides IT administrators a fine grained view of the expected application interoperability with the patch, which provides the business intelligence to develop an appropriately tailored test plan based on potential risks identified by AppDNA. This process may significantly reduce your UAT test process, but more importantly allow you to spend more time validating the correct applications, with the correct people within your business teams.
While this is a high level view of what the AppDNA Patch Impact Analysis performs, we encourage you to look into this feature in detail. Please refer to the Citrix Blog ‘Taming Patch Tuesday with Citrix AppDNA’ which provides you with a step by step blow on how to import Microsoft patches for analysis.
Whilst the AppDNA Patch Impact Analysis process mitigates some of the risks associated with patch Tuesday patching cycles, many more challenges exist, specifically around the demarcation of roles and responsibilities of the patch management cycle as a whole; who is in charge of testing/deployment/applications, etc. These processes may be convoluted at times, and unoptimised for such a process. Let us help you develop a process for patching your end user compute environment, reach out and contact us today.