Applying Microsoft updates on TAC (TAC in Array)

PortSys provide recommended Microsoft patch update releases every month to keep the TAC servers up to date.

PortSys engineering team will be testing the updates on TAC servers before publicly anounce it for customers to make sure any updates are not badly effect the system.

To update TAC servers, make sure you follow the patch release guide sent monthly which contains information related to the latest Total Access Control upgrades, including important and critical security updates for the Windows operating system.  Review the document and follow the instructions to retrieve the updates for installation on PortSys’ TAC security appliances.  

IMPORTANT:  

  1. Server reboot may be required after patches/updates are applied. Therefor plan your patch update accordingly to avoid service disruption.
  2. Make sure you have backups of your array nodes (or snapshots if VM).
  3. PortSys recommended to apply patch update first on member servers and finally on array master server.

To update TAC server array nodes, do the following:

  1. Review the update document and list out KB reference numbers of important and critical updates.
  2. On Array Master,open TAC Management Console and go to Configuration --> Array Management.
  3. In Array Manager window select "Manage integrated NLB array member(s) status" check box.

    cid:image002.png@01D404C5.F2D28BA0

  4. In NLB do a Drainstop to block new connections from getting into the node without closing existing connections.
  5. Once there are no connections (or when you are OK dropping any remaining connections), you should set NLB to Suspended for that node.  This will prevent auto-rejoin when you restart.

    NOTE:  When suspend a node, TAC will not accept any new connections on that node and new connections will be accepted by other active nodes.

  6. Install the Microsoft patch updates.
  7. Restart the server if required.
  8. Resume NLB on the updated server.
  9. Repeat steps for each server.  Do master server as the last node to update.
  10.  Re-test all application access after patch update completed.