Remote Monitoring & Management Help

Patch Management Workflow

The Patch Management Workflow provides a consolidated process for handling patches on multiple devices. This dialog lists all patches discovered across all of servers and workstations running Patch Management. As the number of entries may easily stretch to tens of thousands, we have included both dialog and column filters to assist in the identification and management of these patches to provide a more targeted view.

By default, servers and workstations Inherit the policy for each patch from the site, which will in turn inherit the policy of the client, which will in turn inherit the policy for all servers or workstations.

Once configured, this patch policy setting is applied to any instance of the patch (both now and in the future) that matches the selected Entity criteria.

  1. Log into the Dashboard
  2. Go to Settings > Patch Management > Management Workflow

Filter results and select Patches

  1. Use the filters to return information on the target patch(es):
  2. Filters Notes

    Search

    The Patch name search supports partial string searches and returns those patches that contain an element of the entered string in their name.

    Please note that the returned results are based on the Date and Filter by Status selection with the search immediately applied.

    Date

    Choose the patch Release Date range to display from: Last 24 hours | Last 7 days | Last 3 months | Last 6 months | Last year | All time

    Filter by Status

    Return patches that meet the selected Status criteria with this setting immediately applied:

    patch_missing_icon

    Missing

    A patch is available for the device and awaiting approval for installation

    patch_pending_icon

    Pending

    Patch was approved and is awaiting manual or scheduled installation

    patch_installing_icon

    Installing

    Patch is currently being installed

    patch_installed_icon

    Installed

    Patch was successfully installed.

    The Date Installed is populated where the patch was deployed via Patch Management

    patch_failed_icon

    Failed

    Installation of the patch was not completed successfully.

    On a small number of occasions a reboot may be required to complete this installation.

    patch_ignored_icon

    Ignored

    A patch is available for the device, but was marked as Ignored. Ignored patches are not listed as missing in future Patch Status Scan checks on this server or workstation.

    patch_reboot_icon

    Reboot Required

    A patch was installed but requires a reboot to complete the installation process

    Apply filters

    Display the patch information based on the filter selection

    Reset filters

    Remove all filters and return to the defaults. Date: Last Month | Filter by Status: Missing

  3. Click on the link pm_vendor (where available) to visit the vendor's site for more information on a patch
  4. Click Apply filters to view the results or Reset filters to remove all filters and return to the defaults. Date: Last Month | Filter by Status: Missing
  5. Use the Columns drop-down to refine the results, providing the required information to make a considered patch selection.
  6. Click on the left-column link (where available) to visit the vendor's site for more information on a patch.
  7. Multi-select the patches (Shift and left-click for a range, Control and left-click for specific patches)
  8. Choose Patch Action

  9. Proceed to continue
  10. Select the required action:
  11. Inherit

    Inherit the patch settings from the parent entity.

    For example a Site will inherit the settings from a Client, and a Client will inherit the settings for all Servers or Workstations.

    Approve

    Approve the patch for deployment at the next installation time

    Ignore

    Do not list the patch as missing in future Patch Status Checks

    Do Nothing

    Indicates that you are aware of the patch but do not intend to immediately Approve it for installation.

    One example of using Do Nothing is where a Critical Operating System update is available, but due to it's potential system impact you wish to delay the roll-out until the update is fully tested internally. Once satisfied, change the action to Approve or Inherit (where Approve is set for a parent setting) to install out the patch.

    Reprocess Failed

    Attempt to reinstall the patch where the previous installation was reported as failed

    Uninstall

    Only available for Microsoft patches with Yes in the Uninstallable column where the device is running Agent 10.2.0 or later.

    Supports the removal of up to ten patches at any one time. For more information on patch removal please refer to the section Uninstall Microsoft Patches.

    Visit Patch Approval Actions for information on the patch approval hierarchy.

  12. Click Next
  13. Select the device type Servers and/or Workstations as well as the Client and Site combination
  14. Click Apply for Inherit, Ignore, Do Nothing, Reprocess Failed and Uninstall
  15. Click Next for Approve and choose when to install the patch
    • Use existing schedule (for information, the current schedule is displayed)
    • Schedule for a new time, configure the installation time and patch reboot behavior. Enter the password of the account you have logged into the Dashboard under to confirm this action. The Schedule for a new time setting is only applied to the patch on this device and takes precedence over the existing installation schedule.
  16. Close to exit the dialog

The scheduled time refers to the local time of the computer the Agent is installed on. Please take this into consideration where your Dashboard contains Clients, Sites or Devices in different timezones, to ensure Patches are not installed at an inappropriate time. One suggestion is to set a custom Installation Schedule at the Client, Site or Device level based on their timezone.

pm_workflow_main