Quick survey: Backup & Patching windows


Userlevel 7
Badge +23

Hey folks,

Hope everyone is having an amazing day!

I was hoping you could help us out by letting us know what your preferred backup window is, as well as your patch window / schedule. We’re working on something internally and some quick validation from the community would be really helpful.

I created a quick 6 question survey, and all responses are completely anonymous.

https://forms.office.com/r/NkFPDf1M0k

 


14 replies

Userlevel 6
Badge +15

Done !

The Commcell I manage is worldwide, so backup windows are mostly local time.

Commserve maintenance occurs at local Commserve time, where there’s the least possible activity (backup/copies/restores)..

Userlevel 7
Badge +19

@Damian Andre I gave my feedback but I find it a but traditional and miss the question around start/end to say I don't care run it as long as it doesn't impact my business.

Speaking of it….. start/end also depends and I think the biggest difference is in regards to the usage of the application. User facing I would say run it during the night and for data processing application run it during the day. 

Als firing tons of jobs at the same time impact the performance of you infrastructure a lot if you use your own infrastructure. So spreading it makes it less impactful

Anyway curious to learn why you requesting this information. 

Userlevel 7
Badge +16

Done 😀

Userlevel 7
Badge +23

No shock you 3 were among the first ones!!

Userlevel 4
Badge +12

Sent through my info.

 

Just some notes on my personal experience.

Managing multiple customers means that each one has their own window.
The general consensus is that the backup window is 18:00-06:00 the next day. No maintenance takes place in this time. Backup windows are always defined by business and system owners. We work within those parameters.

I tend to start patch updates on a Monday at 09:00. Reason is I have a weekend Full backup and if everything goes belly up, I may miss the Incremental window at worst. This is for the Commvault infrastructure only.
Clients will get done when the business owners approve. This is typically in the backup window.

I also only update quarterly, unless there’s a specific requirement to work outside this cycle. Most customers don’t allow monthly CVLT patches.

I hope this helps a bit?

Userlevel 7
Badge +23

That helps a lot, @Mauro !  Thanks for filling this out.

Userlevel 6
Badge +17

I also only update quarterly, unless there’s a specific requirement to work outside this cycle. Most customers don’t allow monthly CVLT patches.


I have a question about this, @Mauro.  These customers that don’t allow monthly Commvault patches, do they do monthly OS patching?

I ask because I’ve spoken with customers who are adamant about patching their OS (usually Windows) on a monthly basis, and most often without validating the patches before deploying them, but they will place Commvault patching under strict scrutiny.  I find that interesting.

Thanks,
Scott
 

Userlevel 4
Badge +12

I also only update quarterly, unless there’s a specific requirement to work outside this cycle. Most customers don’t allow monthly CVLT patches.


I have a question about this, @Mauro.  These customers that don’t allow monthly Commvault patches, do they do monthly OS patching?

I ask because I’ve spoken with customers who are adamant about patching their OS (usually Windows) on a monthly basis, and most often without validating the patches before deploying them, but they will place Commvault patching under strict scrutiny.  I find that interesting.

Thanks,
Scott
 

Hi Scott

Very valid question and one that I fight with regularly. Backup systems are always given low priority by our customers until something goes wrong.

When the OS patches are done, we almost never get given a window to run the updates. Usually we have 30 minutes prior to OS patching (I find that sometimes an OS patch stops the CVLT patch from completing.

30 minutes means if any client has any issues, we tend to run out of time in our change slot.

This challenge is more noted on our bigger clients who are running systems 24/7 so downtime is a luxury for us.

If I could, I would do this monthly.

 

Regards,

Mauro 

Userlevel 5
Badge +16

Why not give the customers a script to patch their clients themselves in that case? You can submit a request to run an update from the client side and have it run synchronously so the customer can integrate the patching of their own clients.

 

just a thought.

Userlevel 4
Badge +12

Why not give the customers a script to patch their clients themselves in that case? You can submit a request to run an update from the client side and have it run synchronously so the customer can integrate the patching of their own clients.

 

just a thought.

It would be an ideal situation for sure, but contractually we need to complete the task.

The Data Management portfolio is completely outsourced to our company which means we need to manage it end to end. 
This doesn’t apply to all our customers. Some are more accommodating than others in this regard, which makes the upgrade much easier.
Even then we need to schedule the upgrades to fit in with their requirements.

I’m wondering if customers in your areas are more lenient with how the patching process works? In South Africa, we have very stringent policies that customers enforce around patching processes. 


Regards,
Mauro

 

Userlevel 5
Badge +16

Why not give the customers a script to patch their clients themselves in that case? You can submit a request to run an update from the client side and have it run synchronously so the customer can integrate the patching of their own clients.

 

just a thought.

It would be an ideal situation for sure, but contractually we need to complete the task.

The Data Management portfolio is completely outsourced to our company which means we need to manage it end to end. 
This doesn’t apply to all our customers. Some are more accommodating than others in this regard, which makes the upgrade much easier.
Even then we need to schedule the upgrades to fit in with their requirements.

I’m wondering if customers in your areas are more lenient with how the patching process works? In South Africa, we have very stringent policies that customers enforce around patching processes. 


Regards,
Mauro

 

 

It has been my experience that the only way to get this kind of compliance is to enforce it contractually.

that is add it as a stipulation somewhere in the contract, essentially saying that the ability to restore the data cannot be guaranteed without updated clients.

There will always be customers that are either defiant, uncooperative or just plain unresponsive.

 

 

Userlevel 7
Badge +19

I also only update quarterly, unless there’s a specific requirement to work outside this cycle. Most customers don’t allow monthly CVLT patches.


I have a question about this, @Mauro.  These customers that don’t allow monthly Commvault patches, do they do monthly OS patching?

I ask because I’ve spoken with customers who are adamant about patching their OS (usually Windows) on a monthly basis, and most often without validating the patches before deploying them, but they will place Commvault patching under strict scrutiny.  I find that interesting.

Thanks,
Scott
 

Also interesting to here the reasoning behind this, although it might be something to do with the stability , reliability and the amount of customers who are using it.

Userlevel 7
Badge +19

We also delivers Commvault as a MSP to our internal customer teams and also noticed many customers were just lacking on applying Commvault updates while it is so simple to perform and in normal cases does not require a reboot. 

So we've come-up with an extension of our service offering to deliver it as a service. Customers have MTADP environments and most of the times they have TLA naming standard that can be used to identify environment. So we basically apply maintenance release on a monthly basis following this order in a period of about 2 weeks. This works great! 

@Mauro maybe try to sell it to the customers as well. sure customers do not give it a lot of priority but this results in risk, risk of not being able to recovery, not being able to backup or partially and of having security holes. 

Userlevel 6
Badge +15

Patching, security, backup, they’ve often seen the same way : just a cost and not a saving..

 

You all know this one :

 

Replace Cybersecurity with Backup, and Breach with cryptolocker, ransomware, data loss, accidental (or criminal) data deletion… 

 

Reply