offline patching offline patch
In some environments, devices are located in a secure location that does not have access to the Internet. You can still use SolarWinds N-central and patch manager to update these devices for system type patches and third party patches. The Patch Manager Engine enables you to do this.
For patching secured devices that are not connected directly to the Internet, you need:
- SolarWinds N-central 12.2 or higher,
- the device must be running patch manager engine 1.2.4 or higher, and
- a local probe configured with access to the internet to access the patch files.
This offline patching is controlled using a PME configuration file. There are two scripts available to enable and disable offline patching.
- Use PME-OfflineScan-On.ps1 to enable offline patching (https://sis.n-able.com/PatchManagement/script/PME-OfflineScan-On.ps1).
- Use PME-OfflineScan-Off.ps1 to disable offline patching (https://sis.n-able.com/PatchManagement/script/PME-OfflineScan-Off.ps1).
Use the SolarWinds N-central scripting scheduled task to run the script.
Note that what you see on offline devices may not match exactly what you see when patching devices online using Windows updates. For example, you will be presented all CUs available for the device which are not installed, instead of just the latest.
Your devices still require access to SolarWinds N-central via the internet or a proxy connection to submit agent data for normal monitoring, including the Patch Status service.