10.64.6.

109 CMSPG-DP-MW2V

Remote Registry
Software Protection
IP Helper
Windows Update

CMSPG-DP-BA1V 10.64.6.102
CMSPG-DP-BA2V 10.64.6.103
CMSPG-DP-OP1V 10.64.6.106
CMSPG-DP-OP2V 10.64.6.107

CMSPG-DP-RM1V 10.64.6.100
CMSPG-DP-RM2V 10.64.6.101

CMSPG-DP-WF1V 10.64.6.104
CMSPG-DP-WF2V 10.64.6.105
CMSPG-DP-DB1V 10.64.6.164
CMSPG-DP-DB2V 10.64.6.165

<setting name="Remote Registry" value="stoppped" alarmcolor="green" />

<setting name="Software Protection" value="stoppped" alarmcolor="green" />
<setting name="IP Helper" value="stoppped" alarmcolor="green" />
<setting name="Windows Update" value="stoppped" alarmcolor="green" />

Symantec Endpoint Protection\Symantec Endpoint Protection Error Analyzer

Symantec Endpoint Protection\Symantec Endpoint Protection Error Processor

(Pvlan 1323,1324) managed by OCN FWs

Persistent Routes:
Network Address Netmask Gateway Address Metric
10.207.29.0 255.255.255.0 10.77.18.1 1
10.207.28.0 255.255.255.0 10.77.18.1 1

route add 10.207.28.0 mask 255.255.255.0 10.77.18.1 -p

route add 10.207.29.0 mask 255.255.255.0 10.77.18.1 -p

10.77.18.63 savla-db001v
10.77.18.64 savla-st001v
10.77.18.65 savla-ws001v
WLVCMCSQL10
10.207.29.100
. Change Rationale:

� Please provide the details of the change. CMC Citrix servers windows
patching group SG1
� What will be the impact on the business if this change does not go ahead? :
As per Microsoft we should have to patch windows systems to avoid any security risk
and vulnerability.

2. Scope
� What is the scope of the change i.e. provide a detailed outline of what the
change involves. : all windows servers will be updated and protected against any
security or vulnerability risk.
Patching on 11.02.2018
1. Approve the patches in WSUS (done)
2. For each site, enable the "WSUS Updates Policy-SG1" GPO
3. Configure hobbit downtime 11.02.2018 00:00-12:00
4. In the week preceeding the Sunday patching, create VM snapshot for every server
in SG1
5. During the scheduled time, servers will be automatically rebooted

Systems:
Hostname Patching Group Function
cmsac-cs-cx1v SG1 Citrix XenApp
cmsbs-cs-cx1v SG1 Citrix XenApp
cmsbs-cs-cx2v SG1 Citrix XenApp
cmshl-cs-cx1v SG1 Citrix XenApp
cmshl-cs-cx2v SG1 Citrix XenApp
cmsla-cs-cx1v SG1 Citrix XenApp
cmslu-cs-cx1v SG1 Citrix XenApp
cmslu-cs-cx2v SG1 Citrix XenApp
cmsma-cs-cx1v SG1 Citrix XenApp
cmspc-cs-cx1v SG1 Citrix XenApp
cmspc-cs-cx23v SG1 Citrix XenApp
cmspc-cs-cx24v SG1 Citrix XenApp
cmspg-cs-cx1v SG1 Citrix XenApp
cmspg-cs-cx21v SG1 Citrix WebInterface/StoreFront
cmspg-cs-cx23v SG1 Citrix XenApp
cmspg-cs-cx24v SG1 Citrix XenApp
Cmspg-cs-cx27v SG1 Citrix Delivery Controller
cmspg-cs-cx30v SG1 CTX Licensing / RDS Licensing
Cmspg-cs-db24v SG1 SQL Server for Citrix
cmspg-cs-fs21v SG1 File Server
cmssp-cs-cx1v SG1 Citrix XenApp
cmswg-cs-cx1v SG1 Citrix XenApp
cmswi-cs-cx1v SG1 Citrix XenApp
cmszb-cs-cx1v SG1 Citrix XenApp

3. Risk Assessment (Cause)

� What are the risks involved in this change? : No Risk

� Will this change affect any business critical configuration items? : No
business impact.
� Will users be affected by this change? If so how? : no users will affected.
� Outline resilience options where applicable.
� Is there Disaster Recovery/ Failover available on the service? If so, give
details.
� Has this change been deployed in the past without error? : Yes CHG3018854
CHG3018489

4. Impact Assessment (Effect)

� Will this change have an impact on any Business Service(s)? : No

� Will this change require a service outage? If so please state on which
service(s) this outage must be taken? : No outage
� If the change fails, what will the impact be to the business - : Windows
servers will not be updated and that might cause any security risk.

d) No interruption to service

5. Documentation Updates
� Will support document

hMuG0ireW7ziOD0Ozk1A

ntp1.fr.colt.net
ntp.fr.colt.net

cmshl-cs-cx4v 10.206.29.3 example: 10.206.29.12

cmspg-cs-cx3v 10.204.29.3 example: 10.204.29.12
cmswg-cs-cx3v 10.204.221.3 example: 10.204.221.11