Windows Update Details - OS Test

Microsoft regularly releases various Windows updates to enhance and protect the Windows operating system. These updates are also applicable for the Windows virtual desktops on the VMs. The Windows updates fix newly discovered security holes and bugs, add malware definitions to Windows Defender and Security Essentials utilities, strengthen Office security and add new features/enhancements to the Windows operating system. By installing these updates regularly, you can keep the operating system highly secure, reliable and stable, and can maintain the performance of the operating system at peak. If the operating system is not updated regularly, the critical bugs and security errors may increase vulnerabilities. These vulnerabilities can be exploited by the malware or hackers, thus exposing the operating system to malicious attacks and degrading the operating system's performance. To avoid such eventualities, you should regularly check whether the Windows operating system is up-to-date or not. This check can be easily done using the Windows Update Details - OS test.

This test continuously monitors the Windows operating system and reports the current status of the Windows updates for the operating system. Besides, this test indicates whether any update is pending for the operating system and whether the Windows system is rebooted or not. In the process, this test also reports the total number of updates to be installed for the virtual desktop and the number of Windows updates of different types at regular intervals.

This test is disabled by default. To enable the test, go to the enable / disable tests page using the menu sequence : Agents -> Tests -> Enable/Disable, pick Microsoft Windows as the desired Component type, set Performance as the Test type, choose the test from the disabled tests list, and click on the < button to move the test to the ENABLED TESTS list. Finally, click the Update button.

Target of the test: A KVM VDI server

Agent executing the test: An internal agent

Output of the test: One set of results for every Windows virtual desktop on the target server.

Configurable parameters for the test
  1. Test period - How often should the test be executed.
  2. Host - The host for which the test is to be configured.
  3. port - The port at which the host listens. By default, this is NULL.

  4. inside view using - By default, this test communicates with every VM remotely and extracts “inside view” metrics. Therefore, by default, the inside view using flag is set to Remote connection to VM (Windows).

    Typically, to establish this remote connection, eG Enterprise requires that the eG agent be configured with domain administrator privileges. In high-security environments, where the IT staff might have reservations about exposing the credentials of their domain administrators, this approach to extracting “inside view” metrics might not be preferred. In such environments therefore, eG Enterprise provides administrators the option to deploy a piece of software called the eG VM Agent on every Windows VM; this VM agent allows the eG agent to collect “inside view” metrics from the Windows VMs without domain administrator rights. Refer to Configuring Windows Virtual Machines to Support the Inside View Using the eG VM Agent topic for more details on the eG VM Agent. To ensure that the “inside view” of Windows VMs is obtained using the eG VM Agent, set the inside view using flag to eG VM Agent (Windows). Once this is done, you can set the domain, admin user, and admin password parameters to none.

  5. domain, admin user, admin password, and confirm password – By default, this test connects to each virtual guest remotely and attempts to collect “inside view” metrics. Accordingly, the inside view using flag is set to Remote connection to VM (Windows) by default. To obtain a remote connection, the test must be configured with the privileges of an administrative user to the domain within which the guests reside. The first step towards this is to specify the DOMAIN within which the virtual guests reside. The admin user and admin password will change according to the domain specification. Discussed below are the different values that the domain parameter can take, and how they impact the admin user and admin password specifications:

    • If the VMs belong to a single domain:  If the guests belong to a specific domain, then specify the name of that domain against the domain parameter. In this case, any administrative user in that domain will have remote access to all the virtual guests. Therefore, an administrator account in the given domain can be provided in the ADMIN USER field and the corresponding password in the ADMIN PASSWORD field. Confirm the password by retyping it in the CONFIRM PASSWORD text box.
    • If the VMs belong to different domains:In this case, you might want to provide multiple domain names. If this is done, then, to access the guests in every configured domain, the test should be configured with the required user privileges; this implies that along with multiple DOMAIN names, multiple ADMIN USER names and ADMIN PASSWORDs would also have to be provided. To help administrators provide these user details quickly and easily, the eG administrative interface embeds a special configuration page. To access this page, simply click on the Click here hyperlink that appears just above the parameters of this test in the test configuration page. To know how to use the special page, refer to Configuring Users for VM Monitoring topic of this document.
    • If the INSIDE VIEW USING flag is set to ‘eG VM Agent (Windows)’: On the other hand, if the inside view using flag is set to eG VM Agent (Windows), then it implies that the inside view can be obtained without domain administrator privileges. Therefore, set the domain, admin user, and admin password parameters to none.
  6. REPORT BY USER – For the Microsoft Hyper-V monitoring model, the REPORT BY USER flag is set to NO by default, indicating that by default, the guest operating systems on the Hyper-V server are identified using the hostname specified in the operating system. On the other hand, for the Microsoft Hyper-V VDI model, this flag is set to YES by default; this implies that in case of VDI servers, by default, the guests will be identified using the login of the user who is accessing the guest OS. In other words, in VDI environments, this test will, by default, report measures for every username_on_virtualmachinename.

  7. REPORT POWERED OS - This flag becomes relevant only if the report by user flag is set to ‘Yes’.

    If the report powered os flag is set to Yes (which is the default setting), then this test will report measures for even those VMs that do not have any users logged in currently. Such guests will be identified by their virtualmachine name and not by the username_on_virtualmachinename. On the other hand, if the report powered os flag is set to No, then this test will not report measures for those VMs to which no users are logged in currently.

  8. exclude vms - Administrators of some virtualized environments may not want to monitor some of their less-critical VMs - for instance, VM templates - both from 'outside' and from 'inside'. The eG agent in this case can be configured to completely exclude such VMs from its monitoring purview. To achieve this, provide a comma-separated list of VMs to be excluded from monitoring in the exclude vms text box. Instead of VMs, VM name patterns can also be provided here in a comma-separated list. For example, your exclude vms specification can be: *xp,*lin*,win*,vista. Here, the * (asterisk) is used to denote leading and trailing spaces (as the case may be). By default, this parameter is set to none indicating that the eG agent obtains the inside and outside views of all VMs on a virtual host by default. By providing a comma-separated list of VMs/VM name patterns in the exclude vms text box, you can make sure the eG agent stops collecting 'inside' and 'outside' view metrics for a configured set of VMs.
  9. ignore winnt – By default, the eG agent does not support the inside view for VMs executing on Windows NT operating systems. Accordingly, the ignore winnt flag is set to Yes by default.
  10. DD For Total Updates – In large VDI environments where hundreds of Windows virtual desktops have been provisioned, the frequent collection of detailed diagnosis information related to the update details of the virtual desktops may increase the processing overheads of the eG agent, and may even choke the eG database. To avoid this, by default, the DD For Total Updates flag is set to No indicating that this test will not report the detailed diagnostics for the Total Updates Available measure. However, you can set this flag to Yes if you want to collect the detailed diagnostics of the Total Updates Available measure.
  11. DD frequency - Refers to the frequency with which detailed diagnosis measures are to be generated for this test. The default is 1:1. This indicates that, by default, detailed measures will be generated every time this test runs, and also every time the test detects a problem. You can modify this frequency, if you so desire. Also, if you intend to disable the detailed diagnosis capability for this test, you can do so by specifying none against DD frequency.
  12.  DETAILED DIAGNOSIS - To make diagnosis more efficient and accurate, the eG suite embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test for a particular server, choose the On option. To disable the capability, click on the Off option.

    The option to selectively enable/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled:

    • The eG manager license should allow the detailed diagnosis capability
    • Both the normal and abnormal frequencies configured for the detailed diagnosis measures should not be 0.
Measurements made by the test
Measurement Description Measurement Unit Interpretation

Are pending updates available?

Indicates whether/not the updates are pending.

 

The values that this measure can report and the numeric values they indicate have been listed in the table below:

Measure Value Numeric Value
No 0
Yes 1

Note:

By default, this measure can report the Measure Values mentioned above while indicating whether/not the updates are available. However, the graph of this measure is indicated using the numeric equivalents.

Is a system reboot pending?

Indicates whether the Windows virtual desktop is rebooted or not.

 

The values that this measure can report and the numeric values they indicate have been listed in the table below:

Measure Value Numeric Value
No 0
Yes 1

Note:

By default, this measure can report the Measure Values mentioned above while indicating whether the system is rebooted or not. However, the graph of this measure is indicated using the numeric equivalents.

Windows update service status

Indicates the current status of the Windows update service.

 

The values that this measure can report and the numeric values they indicate have been listed in the table below:

Measure Value Numeric Value
Unknown 0
Running 1
Start pending 2
Continue pending 3
Pause pending 4
Stop pending 5
Paused 6
Stopped 7

Note:

By default, this measure can report the Measure Values mentioned above while indicating the current status of Windows update service. However, the graph of this measure is indicated using the numeric equivalents.

Total updates available

Indicates the total number of Windows updates available for the virtual desktop.

Number

The detailed diagnosis of this measure, if enabled, lists the Windows updates available for the system and the categories of the available updates.

Critical updates available

Indicates the number of critical updates available for the virtual desktop.

Number

A critical update is a widely and frequently released update that deals with the specific, non-security related, critical bugs. If these bugs are not fixed quickly, they can cause serious performance degradation, interoperability malfunction or disturb application compatibility.

Important updates available

Indicates the number of important updates available for the virtual desktop.

Number

The important updates help fixing the vulnerabilities using which malware/hackers can exploit the system resources or steal data. This in tun may leave the confidentiality and integrity of the system defenseless and make the user data unavailable.

Moderate updates available

Indicates the number of moderate security updates available for the virtual desktop.

Number

The moderate updates fix a vulnerability whose exploitation can be mitigated to a significant degree by default configuration, auditing, or difficulty of exploitation.

Low updates available

Indicates the number of low security updates available for the virtual desktop.

Number

These updates fix the vulnerability whose exploitation is extremely difficult.

Optional updates available

Indicates the number of optional updates available for the virtual desktop.

Number

An optional update includes Feature Pack and standard Updates, and does not have a severity rating.