Upgrade Better, Faster, Stronger
March 1, 2021
Security
Because of the recent cyberattack, we’ve asked you to update your Orion Platform several times. While these updates are necessary for the safety and performance of your environment, we understand there can be delays due to Change Advisory Boards (CABs), change freezes, and other factors. One of those factors, especially for those of you who have been SolarWinds customers for a long time, can be the time frame required for your critical monitoring system—and if your monitoring isn’t considered critical, you’re doing it wrong—to be offline. Over the past couple of years, the performance of the upgrade process has improved significantly. This means an upgrade I previously performed which took eight hours may now take less than two hours. During the THWACKcamp 2020, we even completed an upgrade in 20 minutes, which inspired many attendees to perform their upgrades during THWACKcamp, too. It was wonderful to get live feedback from customers on the speediness and ease of their upgrade experiences.
We also heard about the loss of support for Windows Server 2012, Windows Server 2012 R2, and Microsoft SQL 2012. We heard the impact this had on your ability to upgrade, so we added support back in the Orion Platform 2020.2 release. Eventually, it will reach end-of-life with Microsoft and SolarWinds will stop supporting Orion builds on it as well, but for the time being you can upgrade your Orion server even if it’s running on one of those versions. We still recommend you upgrade to Windows Server 2016 and Microsoft SQL 2016 SP1 or later for better performance and a bit of futureproofing. You can always check the support status for Windows Server and Microsoft SQL versions for the Orion Platform here, and check the release notes for deprecation notices.
Additionally, new Orion admins or even experienced Orion admins who’ve had a “bad” upgrade experience in the past may have fear of or a hesitation to upgrade. For new admins, it may stem from a lack of confidence due to being, well, new. If you’ve ever had a “bad” upgrade (I have!), you may worry about a repeat poor experience. Either way, you may be interested in our new Orion Assistance Program. This program was designed to assist our active maintenance customers with Orion Platform upgrades and answer questions on better securing your installation.
While we’re always excited about the new features in each release, it should be noted we’ve always included security patches, as well. As with any other software, it’s necessary to consistently patch vulnerabilities while providing feature updates and product bug fixes. Our release notes always contain information on the features, fixed issues, product improvements, upgrade and installation notes, and standard deprecation notices and legal notes. Recently, you may have noticed a new addition: vulnerability patches including the CVE and ZDI details. In the Orion Platform 2020.2.4 release notes, it looked like this:
You can look forward to those being a regular addition to our product release notes as part of our efforts to become secure by design. At SolarWinds, we’ll continue to provide updates on our efforts to become secure by design.