I used to IPL every morning... IBM suggested against that. So now I only IPL when PTFs require it.
As for the vulnerabilities...
1. I subscribe to IBM's notifications
2. Download and apply PTFs the same day
3. If any require IPL, I have a saved job scheduled entry to do that overnight
I also have the IBM job scheduled to download the cumulative PTF's monthly. I forget what it's called.
We are a small shop - this works well for us.
-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Rob Berendt
Sent: Tuesday, May 23, 2023 2:34 PM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: [EXTERNAL] How often to IPL?
A recent discussion on LinkedIn discouraged IPLing frequently. And they
have a good point as each IPL resets your query optimizer and throws out
all temporary indexes. The catch was basically you should reduce IPLs for
PTF's, etc.
Here's the catch though: How often should you put on the PTF's? I think
we're better than most shops because we put on the latest cume and groups
on a quarterly basis. And there's always those shops that want to be some
lengthy amount of time behind. But how do you explain to your stakeholders
that you were notified that you were potentially exposed because you don't
have this Java group ptf on, or you don't have this level of firmware on,
or this Hiper group on? Do you tell them:
- "I know of the risk that we could lose a bunch of confidential
information but what if there's a flawed PTF and it causes issues?"
- "I know that IBM found an issue with the current level we're at and
issued a fixing PTF but what if that fixing PTF causes issues?"
- "We've been on this level for two years now and nothing has happened so
why fix what isn't broken?"
We're finding out that newer certification levels are requiring you to put
patches on much more frequently than most people do. And, frankly, it takes
less disruptive time to patch an IBM Power system than it does a Windows
Server.
If there's an incident, and management finds out that you were notified by
IBM notifications and you didn't put on the patch, are you going under the
bus?
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit:
https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at
https://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.
[CAUTION! This email originated outside of the organization. Please do not open attachments or click links from an unknown or suspicious origin.]
As an Amazon Associate we earn from qualifying purchases.