There are some servers that have a task delegated to them.
For instance, imagine a scenario where there are web servers, data servers etc. that together provide a service to a client.
Now how should I make sure the servers are up to date with new software package releases without blindly choosing an automatic update option? I may not be able to shut down a server for an update. How can I know that which update will affect what all running processes in the system, so that if the update affects a critical process pertaining to a service, I can deny that particular update or re-schedule it for some other time?
--Edited part--
My main focus is that the running service should not be affected, while the security updates for that service should be informed to the admin PC connected in LAN. Also all those updates that do not affect the running service should be automatically updated.