Error: Invalid spaceKey on retrieving a related space config.

Managing patch jobs

A Patch Job is a container with all necessary information to deploy one or several patches to one or more target devices/device groups in a completely automatic way.

What can I do with a Patch Job?

With a Patch Job you can:

  • Deploy patches to devices and device groups
  • Assign devices and device groups on which you want to deploy patches
  • Define actions to be executed before and after deployment (for example, displaying a dialog, rebooting after installation)
  • Define a schedule for patch deployment
  • Generate and view reports on the Patch Job

Why select a Patch Job instead of a Patch Group?

A Patch Job allows you to define you patching process in such a way that you only must monitor the results but never must manually interfere in its execution. When defining the Patch Job , you specify all required elements such as the severity of the patches to apply, which types of patches to apply, that is, only security patches or all of them, and the product for which these patches are to be applied, for example, for the operating system, one or several Microsoft Office products, or a single specific application. Then you define the device population on which these patches are to be applied and the execution schedule for these. Now, whenever a new patch becomes available that fits all the defined requirements, it will automatically be downloaded, added to the Patch Job , transferred to the target devices according to the defined schedule and installed - without any manual interference.

Should I create one Patch Job with all patches or split patches into different Patch Jobs?

If you have a limited number of patches that must be deployed to all devices in your network, it might be most efficient creating one patch group, add all your patches to the group and assign the predefined device group All Devices .

Thus you ensure that all devices in your network have the included patches installed.

If you have many patches from different vendors and BCM agents in different geographical locations, it might be most efficient to split patches into different jobs.

Following you can see a fictitious example of a global company, which has a location in Florida and wants to ensure that all Adobe products at that location are up to date. This example demonstrates a possible way of using patch jobs effectively.

The process could be as following:

  • Creating Device Group : dynamic device group including all devices from your location in Florida.
  • Creating Patch Job : includes all patches for Adobe products and is therefore called Adobe Patches . Assign the dynamic device group with devices from Florida.
  • Scheduling : Define a schedule to deploy the patches of the patch group every Saturday, when the network load is low. All patches are deployed to the devices next Saturday. Due to this schedule, the Patch Manager checks the devices from Florida every Saturday: if a device has the patches already installed, no patches are deployed and the Patch Manager continues checking. If there is a new device detected which is missing the patches, the respective patches are immediately downloaded and deployed.
  • Generating Report : Generate the predefined report Patch Job History every Monday morning and have it sent it by email to your account and other employees in your company who require a report.

All your Adobe products that are installed on the devices in Florida are automatically patched and a report is generated and distributed providing an overview of the current patching situation.

Where do I find a Patch Job in the console?

To view all your existing patch jobs go to:

To define Global Settings for patch jobs go to:

To view predefined reports assigned to patch jobs go to:

Related topics

Was this page helpful? Yes No Submitting... Thank you

Comments