If you missed the end-of-life (EOL) deadline for Windows Server 2008, you might think that you have bigger problems to deal with. Unfortunately, this task remains on top of your priority list. Attackers are busy exploiting any vulnerabilities they can find, which means that every day you leave Windows Server 2008 devices—or other obsolete hardware and software—active in your data center is another day you’re leaving a hole in your defenses.
Unfortunately, the ongoing COVID-19 pandemic has made it difficult to take care of obsolete software. If outdated software exists in your data center, you need to the following:
- Identify which boxes are still running Windows Server 2008 (make sure you get them all)
- Determine whether it’s possible to upgrade these devices, then perform the upgrade
- If the upgrade is impossible, you need a way to safely decommission the servers involved
What’s more, you need the ability to do all of this while minimizing your visits to the data center.In some cases, visiting to perform preventive maintenance may have been indefinitely postponed. In addition, Windows Server 2008 is far from the only out-of-date software (or hardware) that might be lurking in your data center. How can you find other outdated software and mitigate the issues it presents?
Find the Software and Hardware that’s Slowing You Down
It can be easy for servers and software to slip out of date. Because the data center environment is so complicated, you may find that you’re spending most of your time running maintenance on your data center’s most pressing issues. The workloads that keep running no matter what are the workloads that get ignored and forgotten.
Your first step is to use common vulnerability management tools to scan your hardware for out-of-date operating systems. This is a good first step, but there are limitations. First, if you don’t scope the vulnerability scan wide enough, you might not find all of the obsolete applications/operating systems you’re looking for. Second, your scan might not find servers that are old or under-resourced, if they happen to be running up-to-date software.
You can also use Active Directory to find servers that time forgot. If you keep track of “lastmodified” or “lastlogon” fields, then you can find servers that no one has touched in some time—a month, six months, a year. You can then interrogate these servers to find out if they’re past end-of-life.
Lastly, an obsolete server is probably an under-resourced server. There are a few ways to find these. If you get a lot of Execution Warnings in SQL Server, for example, then one of your servers doesn’t have enough memory. You can usually trace this error code back to an individual machine. SSH can also give you detailed information on server resources—the
top utility shows CPU utilization, and the
sar command can give you a past record of CPU usage and RAM performance. If you find that one of your servers is consistently maxed out on CPU or RAM, it probably doesn’t have enough horsepower to run your applications.
Remotely Decommissioning Out-of-Date Infrastructure
If you find obsolete software, your path is relatively clear. Update the software on the machine (if the machine can support it), or else find a new machine in your data center that can now run the updated software. You may have some trouble with application dependencies, but we’ll get to that in a minute.
If you find obsolete hardware, your path is a bit more difficult. You may not be able to visit your data center, which means that it’s harder for you to understand how your obsolete servers connect to one another. If you simply shut them down remotely without doing due diligence, then you might find that dependent applications fail unexpectedly.
Here at Device42, we make it easy to find obsolete hardware and software. We have an auto-discovery functionality that can help instantly detect end-of-life infrastructure in your data center. Turn it on and you’ll be able to instantly catalogue your applications and operating systems by version number, flagging those that are out of date. For servers, our auto-discovery functionality builds a complete picture of your data center hardware, allowing you to see out-of-date model numbers and servers without enough resources. Lastly, an application discovery mapping functionality lets you take these servers out of commission without causing unplanned downtime.
Managing your data center can be difficult without being there in person, but Device42 gives you all the tools you need in a single package. For more information on how we can help, download a free trial today!