So, I met with a major hardware vendor today to talk about firmware update processes. They have a few different products for managing firmware. The “best in class” that they offer is… a reminder of why enterprise IT is so f—ed up.
We have hundreds of their devices (Intel-based servers), and each has multiple firmware: BIOS firmware, IPMI firmware, RAID controller firmware, and even the freakin' power supplies have firmware. Because new releases are constantly flowing, there is always something out of date.
Most companies, it seems, deals with this by ignoring the problem. However, we decided it would be nice to stay current so we had a meeting to find out our options for automating this. A lot of security holes are in the firmware. Staying current is more important every day.
All of their options were NOT what I’d call automated. What I would call them is a “jobs program for IT employees”.
All of their options create a big list of what work needs to be done. Some do it by a report that gets emailed to us, some give us a dashboard, etc.
However none of them provide an API so that we can automate the process, like we do with OS updates.
I presume this is because the typical IT department is set up to receive this kind of report, then everyone on the IT team takes their share of the list and manually does the upgrade. They do this one a year or… never. Or, they have a single person on the IT team whose full-time job is to just sit there clicking on the “upgrade” button, one at a time, upgrading firmware all over the place.
I can’t believe that that is the state of the art.
But then I thought about it, and I realized that is EXACTLY what the state of the art should be, since most IT departments are a manual labor force. I keep forgetting that automating the hell out of things is the exception, not the rule.
This is why IT has such a f—ed up reputation. This is why CEOs say shit like “IT has not ROI” or HBR writes articles with titles like, “IT doesn’t matter”.
Damn I hate hardware. I think I hate the hardware industry even more.