Back to Blog Landing

Meltdown-Spectre Patches Are They Helping or Hurting?

Riverbed Technology January 11, 2018

Ever since the announcement of the Meltdown-Spectre processor security flaws by Google Project Zero, companies have been researching ways to identify and protect their susceptible phones, PCs and servers. It’s a big job. As Google stated, these vulnerabilities “can affect just about every processor released since 1995.”

Vendors have been working to find solutions, or at least mitigations, to these problems. Over the last week, several vendors have released patches to address these issues. While these patches are needed, reports have stated that they could potentially negatively impact the devices they are applied to. For example, Microsoft warned of performance degradations on most Windows OS’s. Other reports have stated that patches can result in Blue Screens of Death (BSOD) due to incompatibility between the patch and some anti-virus software.

The question for Desktop Services teams is how to determine whether these Meltdown-Spectre patches are helping or hurting? Fortunately, SteelCentral Aternity can help. Here are four steps to take to assess the impact of these patches on device performance and user experience.

1. Inventory your device estate to determine vulnerability

Since the patches supplied by vendors are unique for each model, you first need to analyze your estate. With Aternity, you can inventory your end user environment based on a variety of attributes, such as manufacturer, model, CPU types and OS versions. Having a read-out of exactly how many vulnerable devices you have and their location will help you determine your firmware patching strategy. It will also help you determine whether you have outdated hardware that needs to be replaced.

Inventory device estate before applying Meltdown-Spectre patches
Inventory your device estate by CPU type and speed to profile vulnerable devices

2. Track trends in history device performance

Aternity trends key device health and performance metrics over time, for PCs, laptops, virtual devices, smart phones and tablets. With a historical baseline of normal performance, you can then analyze the performance after you apply the patches provided by your vendor.

Track device performance after applying a patch for Meltdown-Spectre
Trend analysis of CPU resource consumption shows a spike in CPU utilization after installing the Meltdown-Spectre patch

3. Identify device health events caused by patching conflicts

Applying Meltdown-Spectre patches might do more than slow down your machines. It might cause more serious issues like BSODs. Aternity tracks device health problems like application crashes, update failures, memory or disk trouble, hard drive failures, battery issues, and Blue Screens of Death. It provides a variety of other information that enables IT to categorize and investigate these problems. With the latest release, Aternity proactively triggers a service desk alert when the same application, hardware, or system health event occurs within a specified period of time. Watch this short video to see how Aternity’s integration to ServiceNow provides proactive notification of device health issues and immediate drill-down to performance reports for issue investigation.

4. Determine the impact of patches on workforce productivity

Aternity baselines the performance that your users get from every application running on their device (thick client and web based) and then provides a before and after view once patches are applied.

Analyzing performance after applying Meltdown-Spectre patches
Analyze differences in application and device performance before and after applying your Meltdown-Spectre patch, or any other configuration change

When you deploy Aternity to monitor devices, Aternity monitors the actual end user experience your workforce sees, as if you were standing there stopwatch timing their interactions with the applications they use. Although other approaches to End User Experience Monitoring exist, Aternity is unique in its ability to truly see “click to render time.” When you make changes to your end user environment, like applying these Meltdown-Spectre patches, Aternity enables you to validate the impact of the change on end user experience. Aternity will show you whether things have remained the same, gotten better, or gotten worse. This is the only true measure of whether these patches are helping or hurting workforce productivity.

Get a handle on the impact of Meltdown-Spectre patches today!

Free Trial End User Experience MonitoringIf you’re ready to take the first step to assessing the impact of these patches on your environment, you can get started today. Register for instant access to Aternity running in our cloud environment to explore all of Aternity’s use cases.

You may also like

End User Experience Monitoring: I Bet Your Tool Can’t do THIS! Part 2

Establish eXperience Level Agreements (XLAs) based on business processes One of the obstacles to a successful Digital Experience Management strategy is

Read More
End User Experience Monitoring: I Bet Your Tool Can’t do THIS! Part 4

Validate the impact of IT change on end user experience By definition, digital transformation is all about IT change. Migrating apps

Read More