IBM i Global

I have been tasked with seeing what is in the V7R5 PTF Level 23306 Cumulative PTF.  I have found a few links, but I have not found a summary listing the impact of the group. Do I really need to read through every PTF on the list to see the impact?  I know many items are technical fixes, but I do not want to miss an item that has downstream impact on day to day where a configuration change has been impacted.  

------------------------------
David Taylor
Sr Application Developer
Range Resources
Fort Worth TX
------------------------------

Dear David

>>>> but I have not found a summary listing the impact of the group. Do I really need to read through every PTF on the list to see the impact?  <<<<

Based on my 30+ years as an IBM i specialist, the only relevant information for each cumulative PTF package was in what is called PSP (Preventive Service Planning) but there was no summary info and it is no longer maintained.  Nowadays, you need to go to IBM i Group PTF info ( https://www.ibm.com/support/pages/node/7025229 ) but it does not contain "a summary listing the impact of the group" that you asked about. The only thing you can do is to browse information of each individual PTF and this is impractical to do.

I share my sympathy with you as some past customers of mine also wanted a summary impact information of PTF packages when they were suggested to apply to address certain problems they had but this is not a practical investment for IBM (or any SW vendors at all) to oblige.  So, this status quo is prevalent in IT industry since its beginning.  The reality about past bug fix was even worse as you can see from the earlier part of this book: This Is How They Tell Me the World Ends: The Cyberweapons Arms Race by Nicole Perlroth ( https://www.goodreads.com/book/show/49247043-this-is-how-they-tell-me-the-world-ends ).

My personal experience with applying IBM i CUM PTF PKG has been mostly smooth with no issues.  But then I also saw that if there is no known issues addressed by PTFs or a need for new enhancement delivered by PTFs, most of my local customers rarely apply any PTF at all.                   

------------------------------
Satid S
------------------------------

Original Message:
Sent: Mon April 29, 2024 08:42 AM
From: David Taylor
Subject: PTF Summary details V7R5 PTF Level 23306

I have been tasked with seeing what is in the V7R5 PTF Level 23306 Cumulative PTF.  I have found a few links, but I have not found a summary listing the impact of the group. Do I really need to read through every PTF on the list to see the impact?  I know many items are technical fixes, but I do not want to miss an item that has downstream impact on day to day where a configuration change has been impacted.  

------------------------------
David Taylor
Sr Application Developer
Range Resources
Fort Worth TX
------------------------------

Hello David,

In today's world applying only the Cumulative PTF package is not enough. All PTF groups available for your release and installed software must be included in your patch strategy. For me the Security PTF group is a no-brainer. PTF's are for bug fixes when they include new functionality the PTF cover letter will tell you. New functionality is bundled in a Technology Refresh, which is well documented. 
Over the years I have seen customers having down time or bad performance which all could have been avoided if that would have kept current with the PTF groups and cumulative PTF packages. Besides that GDPR more are less tells you that keeping your systems up-to-date with patches is good practice to avoid trouble. This is in general also said what you need to do to protect yourself from hackers. 

I always try to explain this in a simple comparison: When your are brought to the hospital and you need to be connected to a heart monitor and there are two minters available. One heart monitor has never been patched and the other one is up-to-date with patches. Which one would you pick?

With IBM I we luckily enough do not have to make this choice, with a test LPAR we can test the patches. 

------------------------------
Rudi Van Helvoirt
------------------------------

Original Message:
Sent: Mon April 29, 2024 08:42 AM
From: David Taylor
Subject: PTF Summary details V7R5 PTF Level 23306

I have been tasked with seeing what is in the V7R5 PTF Level 23306 Cumulative PTF.  I have found a few links, but I have not found a summary listing the impact of the group. Do I really need to read through every PTF on the list to see the impact?  I know many items are technical fixes, but I do not want to miss an item that has downstream impact on day to day where a configuration change has been impacted.  

------------------------------
David Taylor
Sr Application Developer
Range Resources
Fort Worth TX
------------------------------

At one time there was PSP or Preventative Service Planning documentation.  There is still a site you can find for this however it clearly states that it is no longer being updated and is a vast sea of broken links.  The closest to such documentation as ye be searching for was a listing of the PTF's on a cume.  If the description associated with a particular PTF was useful (which often it was not), then that was your listing.

But basically, each quarter I put on whatever cume is available, all PTF groups and any of the "Recommended" type PTF's listed at https://www.ibm.com/support/pages/ibm-i-support-recommended-fixes

I do not expend the effort to read individual PTF cover letters, nor do I go searching for PTF's not currently on a cume, group, or on the recommended list.

At this time, most of IBM's websites dealing with PTF's is undergoing a very poorly managed transition and is a quagmire.  As much as I try to encourage gui methods sometime it may be better during this transition to look at the details in the cume cover letter you get with SNDPTFORD SF98750.  Then look for the ptf associated with "PSP Cur. Cumulative PTF Pkg Listing of PTFs " and SNDPTFORD that one.

------------------------------
Robert Berendt IBMChampion
------------------------------

Original Message:
Sent: Tue April 30, 2024 04:17 AM
From: Rudi Van Helvoirt
Subject: PTF Summary details V7R5 PTF Level 23306

Hello David,

In today's world applying only the Cumulative PTF package is not enough. All PTF groups available for your release and installed software must be included in your patch strategy. For me the Security PTF group is a no-brainer. PTF's are for bug fixes when they include new functionality the PTF cover letter will tell you. New functionality is bundled in a Technology Refresh, which is well documented. 
Over the years I have seen customers having down time or bad performance which all could have been avoided if that would have kept current with the PTF groups and cumulative PTF packages. Besides that GDPR more are less tells you that keeping your systems up-to-date with patches is good practice to avoid trouble. This is in general also said what you need to do to protect yourself from hackers. 

I always try to explain this in a simple comparison: When your are brought to the hospital and you need to be connected to a heart monitor and there are two minters available. One heart monitor has never been patched and the other one is up-to-date with patches. Which one would you pick?

With IBM I we luckily enough do not have to make this choice, with a test LPAR we can test the patches. 

------------------------------
Rudi Van Helvoirt

Original Message:
Sent: Mon April 29, 2024 08:42 AM
From: David Taylor
Subject: PTF Summary details V7R5 PTF Level 23306

I have been tasked with seeing what is in the V7R5 PTF Level 23306 Cumulative PTF.  I have found a few links, but I have not found a summary listing the impact of the group. Do I really need to read through every PTF on the list to see the impact?  I know many items are technical fixes, but I do not want to miss an item that has downstream impact on day to day where a configuration change has been impacted.  

------------------------------
David Taylor
Sr Application Developer
Range Resources
Fort Worth TX
------------------------------

Hi David,

I've been an i specialist for some time now (I come from IBM 38). It's very complicated/impossible to read all the IBM notes on i updates, associated PTF groups and also RESAVEs (don't forget), bearing in mind that each customer has their own infrastructure, technical base configuration, security, network, applications, etc...

A wise decision when possible is to wait about 6 months before putting a new release or version into production. For example, when i7.5 was released, I copied a customer production (in May 2022) onto another LPAR (on the same server) to run i7.5 tests, and fortunately I did, because in 2 weeks I came across 3 unknown problems, which IBM of course corrected.

I've done a lot of upgrades for my customers who are upgrading to i7.5 in 2024 without really encountering any particular problems.

But whatever strategy you adopt, the devil is in the detail :) and so you can reduce the risks as much as possible, but don't imagine for a moment that 0 risk doesn't exist!

Think about backtracking procedures just in case.

Good luck to you !

------------------------------
Nicolas FRAYSSE
------------------------------

Original Message:
Sent: Tue April 30, 2024 07:33 AM
From: Robert Berendt
Subject: PTF Summary details V7R5 PTF Level 23306

At one time there was PSP or Preventative Service Planning documentation.  There is still a site you can find for this however it clearly states that it is no longer being updated and is a vast sea of broken links.  The closest to such documentation as ye be searching for was a listing of the PTF's on a cume.  If the description associated with a particular PTF was useful (which often it was not), then that was your listing.

But basically, each quarter I put on whatever cume is available, all PTF groups and any of the "Recommended" type PTF's listed at https://www.ibm.com/support/pages/ibm-i-support-recommended-fixes

I do not expend the effort to read individual PTF cover letters, nor do I go searching for PTF's not currently on a cume, group, or on the recommended list.

At this time, most of IBM's websites dealing with PTF's is undergoing a very poorly managed transition and is a quagmire.  As much as I try to encourage gui methods sometime it may be better during this transition to look at the details in the cume cover letter you get with SNDPTFORD SF98750.  Then look for the ptf associated with "PSP Cur. Cumulative PTF Pkg Listing of PTFs " and SNDPTFORD that one.

------------------------------
Robert Berendt IBMChampion

Original Message:
Sent: Tue April 30, 2024 04:17 AM
From: Rudi Van Helvoirt
Subject: PTF Summary details V7R5 PTF Level 23306

Hello David,

In today's world applying only the Cumulative PTF package is not enough. All PTF groups available for your release and installed software must be included in your patch strategy. For me the Security PTF group is a no-brainer. PTF's are for bug fixes when they include new functionality the PTF cover letter will tell you. New functionality is bundled in a Technology Refresh, which is well documented. 
Over the years I have seen customers having down time or bad performance which all could have been avoided if that would have kept current with the PTF groups and cumulative PTF packages. Besides that GDPR more are less tells you that keeping your systems up-to-date with patches is good practice to avoid trouble. This is in general also said what you need to do to protect yourself from hackers. 

I always try to explain this in a simple comparison: When your are brought to the hospital and you need to be connected to a heart monitor and there are two minters available. One heart monitor has never been patched and the other one is up-to-date with patches. Which one would you pick?

With IBM I we luckily enough do not have to make this choice, with a test LPAR we can test the patches. 

------------------------------
Rudi Van Helvoirt

Original Message:
Sent: Mon April 29, 2024 08:42 AM
From: David Taylor
Subject: PTF Summary details V7R5 PTF Level 23306

I have been tasked with seeing what is in the V7R5 PTF Level 23306 Cumulative PTF.  I have found a few links, but I have not found a summary listing the impact of the group. Do I really need to read through every PTF on the list to see the impact?  I know many items are technical fixes, but I do not want to miss an item that has downstream impact on day to day where a configuration change has been impacted.  

------------------------------
David Taylor
Sr Application Developer
Range Resources
Fort Worth TX
------------------------------