test

Sun Patch Manager 2.0 Administration Guide for the Solaris 9 Operating System

Local Patch Server

Note –

The local patch server is an optional Sun Patch Manager 2.0 feature that you can obtain at no charge if you are a contract customer in the SunSpectrum program.

For information about becoming a contract customer or obtaining the local patch server distribution, go to http://sunsolve.sun.com and click Patch Portal.

Starting with Solaris 8, client systems can use Patch Manager to access patches and patch data to perform patch analysis and maintenance. This patch data is provided by a patch source. The patch source can be a patch server, such as the Sun patch server or a local patch server, or a local collection of patches.

By using a local patch server on your intranet, you can serve patches to your local systems and minimize the Internet traffic between your systems and the Sun patch server. Such a local patch server caches any patches that are downloaded from its patch source.

For information about configuring a local patch server on your intranet, see Configuring Your Local Patch Server by Using the Command-Line Interface.

The local patch server obtains patches from its source of patches on a per-request basis, so you do not need to stock your patch server with patches before you can use it.

The system you choose to act as the local patch server must be running at least Solaris 9 and have at least the Developer Solaris Software Group installed. This system must also have the Sun Patch Manager 2.0 software installed.

Benefits of Using a Local Patch Server

Using a local patch server addresses security concerns as well as system analysis and patch download performance issues.

For instance, instead of patches and metadata being downloaded from the Sun patch server to each of your systems, the patch is downloaded only once to your local patch server. After the patch data is stored on this server, patch data is transferred to your system for analysis over your intranet instead of over the Internet.

You can configure a chain of patch servers on your intranet. The last link in the chain of local servers can point to the Sun patch server or to a local collection of patches. By using this chain of servers, a patch download request from your system to its primary patch server can be forwarded to other servers in the chain in an attempt to fulfill the request. If your system's primary server cannot locate a patch, the server makes the same request of the next server in the chain to see if the patch is stored there. If the patch is found, it is downloaded to the system. If the patch is not found, the request continues along the chain until the patch is found or the last server in the chain is reached.

For example, your company has a patch server that obtains patches directly from the Sun patch server. Each office in your company has its own patch server that obtains patches from the company patch server.

Each local patch server in the chain stores the patches found on another server in the chain based on the download request. So, a patch that is not initially found on your local server will be downloaded to your local server and stored before being downloaded to the client system. Each system in a chain of local patch servers might increase the amount of time it takes to download patches to your client system.