When choosing test devices, look for these characteristics:
There are two options for patching Windows devices:
◦ |
Use Windows Update: Windows Update is a Microsoft feature that downloads and installs updates to Windows operating systems. If you enable Windows Update on managed devices, use Patch Management on the appliance only to detect Windows operating system patches, not to deploy them. Patches will be deployed by Windows Update. |
◦ |
Use the appliance: You can download and deploy patches for Windows operating systems using Patch Management. If you use Patch Management on the appliance, disable Windows Update on managed devices, because patches will be deployed by the appliance. |
◦ |
Servers: These require careful and well-publicized upgrades. When patching servers, you might need to plan ahead by several weeks. |
◦ |
Desktops: These have more flexible options for patching, because they are often left running when they are not in use. |
◦ |
Laptops: These are the most difficult to patch, because they are often only available to patch while being used. |
For more information about creating patch schedules for each type of device, see:
◦ |
Send email or use other messaging systems: Notify users in advance through email and other messaging systems outside the appliance Administrator Console. This notification is especially useful when patching might prevent access to critical systems, such as servers, for a time. |
◦ |
Send an alert message from the appliance: Use the appliance Administrator Console to create an alert and broadcast it to all devices or to selected devices. These broadcast alerts can be used to remind users that patching is about to start. |
• For more information on creating alerts, see Broadcasting alerts to managed devices.
◦ |
Provide alerts during patching: When you schedule patching, choose to alert users before patching, and prompt users before rebooting their devices. You can also enable users to snooze or postpone reboots if necessary. See Configuring patch schedules. |
For more information about scheduling patching for various devices, see:
Patching jobs can require extensive bandwidth and resources. To reduce the impact on users, you can set time limits on patching jobs. For example, you could configure patching jobs to start at 04:00 and stop at 07:00. Any patching jobs that are in progress at 07:00 are suspended. Jobs resume where they left off when the next scheduled patching job begins. See Configuring patch schedules.
For more information on setting up and using Replication Shares, see Using Replication Shares.
Quest Support has a Knowledge Base of articles about the appliance, which you can access at https://support.quest.com/kace-systems-management-appliance/kb. The Knowledge Base is continually updated with solutions to real-world appliance problems that administrators encounter. To view patching articles, go to the Knowledge Base and search for Security.
Sponsored by Quest KACE, ITNinja.com (formerly AppDeploy.com) is a product-agnostic IT-focused community website. It is the Internet’s leading destination for IT professionals to share information and ask questions about system-management related topics. See http://itninja.com.
To enable patching, you need to subscribe to patches and schedule patch downloads to the appliance.
To complete patch downloads, access product information, and interact with Quest Support, the firewall, DNS server, and proxy server settings must allow the appliance to access specific domains on both port 80 and port 443.
Localized content, third-party software licenses, and product information | |
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Nutzungsbedingungen Datenschutz Cookie Preference Center