I have a production and a test test RSA Auth Mgr system. 8.1 SP1 P3 still. We still have plans to upgrade to 8.3 P4 level.
Both have their own separate web tiers for self service consoles.
the Web Tiers are VMWARE based and running RedHat Linux 6.6 level for OS
These Web Tier's are in a DMZ and very protected.
This question is about patching the OS and potential impact on our web tiers
Evidently the 6.6 level might be a little dated ?, Our security folks have asked us why we have not patched the OS. I'm not familiar with the Linux side of things. I know there is a 6.11 level out. Also an option is to apply security patches only to the 6.6 level.
Just running this out there to see what the best course of action might be to take. Would patching Linux 6.6 to 6.11 level cause us any heartburn ? How about doing security patches only ?
Can you all give me guidance on this ?
Thanks for your comments, suggestions etc