Business-critical systems demand Live Patching capability | SUSE Communities

Business-critical systems demand Live Patching capability


As a system administrator, you could be spending several man days each month applying patches, synchronizing the patches across all your systems and rebooting the systems. You can avoid this.

On average, infrastructure failure costs large enterprises $100,000 per hour. Critical application failures can cost $500,000 to $1 million per hour*. You can avoid kernel patching as a cause contributing to these demands absolute uptime

Every month you see several security vulnerabilities show up for Linux kernel. Some are critical.
The vulnerabilities themselves are random. However, one thing is constant – security vulnerabilities will come every so often.

Here is a real life example compiled by SUSE engineers to walk you through.

You are starting with a good kernel, free of vulnerabilities, in the month of November. As the month goes by you discover 3 new vulnerabilities. You may decide to patch one or more of them, leading to your first reboot.

In December, you discover new vulnerabilities in the patched kernel, leading to 2nd reboot in two months.


The trend of new vulnerabilities continues in the month of January.

Over the year, the security vulnerability landscape looks like the below picture. A large number of vulnerabilities showed up, resulting in a number of reboots as a consequence of patching them. The IT teams supporting business critical applications that require 24×7 continuous uptime need to deal with this uncertainty and design infrastructure in order to account for avoiding downtime, incurring extra cost in resources.

Live Patching can avoid these reboots. The landscape will look like this when you are able to “live patch” the security vulnerabilities, at the earliest possible time.

With SUSE Linux Enterprise Live Patching you are not waiting for the downtime window or planning to schedule a downtime to apply patches. You patch the kernel when you need to, at the earliest possible time. As a result, you minimize the security exposure and reduce your downtime from reboots.

Learn more about Live Patching with this short 2 min video: Live Patching Explained in Two Mins. In addition to x86-64 platform, Live Patching is also available on IBM Power Systems.

Keep in touch @RajMeel7


*IDC Report: DevOps and the Cost of Downtime: Fortune 1000 Best Practice Metrics Quantified

(Visited 1 times, 1 visits today)

Leave a Reply

Your email address will not be published.

No comments yet