CloudNets S5 E2: Network Upgrade Considerations

Prioritize rapid security updates using targeted hot patches

In this episode, we explain how network operators should prioritize upgrades by balancing new feature value against security, reliability, and SLA risks. It highlights the importance of addressing security vulnerabilities quickly using targeted hot patches, which reduce testing scope and operational risk while allowing upgrades to be scheduled and deployed with minimal network disruption.

CloudNets S5E2: Network Upgrade Considerations
Dudy Cohen and David Watson cover 3 main challenges network operators face in prioritizing actions in network upgrades.

Chapters:

• 0:00 – Intro
• 00:45 – Business needs vs Security Risks
• 01:20 – Introducing hot patches
• 01:49 – Hot Patches: Fast security CVEs resolution
• 02:05 – Summary

Key Takeaways

• Security patches should be prioritized over feature upgrades to quickly reduce network risk.
• Hot patches deliver targeted fixes that minimize testing effort and lower operational risk.
• Combining hot patches with scheduled maintenance enables safer upgrades without frequent network disruption.

Listen on your favorite platform

Listen on Apple Podcasts
Listen on Spotify
Watch on YouTube

Read the full transcript
Welcome to CloudNets where networks meet cloud. Today we’re going to talk again about some upgrade considerations and we have David, our upgrade expert here with us. Thank you for joining, David. So, David, when you come to plan your upgrade plan, you have different types of new versions. Some are big feature rich versions some, some are smaller but crucial security patches. How do you plan it? What’s the consideration?

What the operators are taking into consideration is one, the features that are coming in there, are they valuable to them? Are they revenue generating for them, those things? The other thing is, are they solving a risk scenario that may have either is it addressing a reliability issue the network or is it a security risk on the network as we’re going through? So they’re kind of balancing kind of their business needs against kind of their security and kind of their SLA needs that they have in the network.

Okay. I think in terms of priorities, you need to tackle the security as soon as you can, as soon as you go. And it is a bit painful because these are often unexpected patches you need to run through the network. Is there a way to make it less painful?

There is, there is. You know, as a supplier, we sometimes say, stay current, take the biggest release you can. We’ll get that security fix into there and take it out. But what we want to do is we want to take that one security fix that they have, that CV that may be released. Maybe there’s a security breach that happened maybe a week or two ago. They need to get their network secure. They need to make the network they have for their customers, their business customers, risk free. And so when we do that, we can actually take these CVEs and introduce them into hot patches as we go through. So very targeted releases, small bundles, low risk for them to introduce them. And what that helps them to do is they know that this is a targeted fix for the network. So their testing efforts can be very targeted, reducing their risk. And then we can actually schedule this maintenance as we go out, allowing for them to basically know how long it will take for them to complete this upgrade.

Okay, that’s great. So basically the guidance is first go with the security patches because you need those in your network. But the combination of hot patches and scheduled maintenance allows you to do it pretty much safely and without the overhead of rattling the network every couple of weeks.

Exactly.

Okay, thank you very much, David, for this valuable information. Thank you for watching and see you next time on Cloudnets. Bye bye.