...

Customers may have special requests for updated packages or libraries. If this is any change beyond a simple update of a minor software version, it goes through the standard change control process. Otherwise a ticket with the request is sufficient, and it is at the Systems Team's discretion how and when to roll out the update.

Vulnerability Response

• Urgent identified (Emergency) issues/potential vulnerabilities from NCSA security/ICI:
  • deployment of necessary patches/fixes/mitigations
  • communication of urgent actions to customer
  • development of coordinate deployment/corrective actions with customer going forward
• quarterly PM periods for updates
  
  • these are done on weekends or off-hours
  • preplanned schedule of actions and work list
  • prep work as possible to minimize the necessary downtime
  • work will be done on a rolling reboot method during 2 of these
  • work requiring full service outages will be scheduled on a semi-annual basis
  • attempts to preemptively address overall system issues
• inline outages for individual services or nodes as issues are identified
  • these may follow some specific testing on that service/node for regression
  • will be deployed in priority order, with appropriate service consideration
• Physical security issues at the facility
  • notice to the project and immediate service outage to the extent necessary