Patch Management module parameters

The Patch Management (PatchManagementPremium) module is completely automated to make patching painless: it scans, remediates and reports on your whole network autonomically to keep security patches on a large number of applications of different manufacturers up to date. This module is loaded by default only on the master if it is a Windows device.

Parameter

Default Value

Description

Scan machine on startup

No

Defines if the device is scanned for the current patch situation at agent startup.

Differential Upload

Yes

Specifies if the inventory is to be completely replaced which each upload when differences are detected or only the delta, that is, the modifications of the inventory. If the inventory template is changed the next inventory will always be a complete inventory, even if this option is activated.

Synchronize at Startup

No

Patch synchronization allows a device to send its current list of patch groups it is assigned to as well as their checksum. The master compares the checksum and if it is different to its own it sends the master list of patch groups to the device.

Additional Automatic Synchronization Hour

23

Enter here the hour at which an additional synchronization is to be effected, that is, the comparison of locally available operational rules with the operational rules master list. The format is 24-hour format, for example, 23 for 11 pm .

Minimum Gap between Two Automatic Synchronizations (sec)

43200

Defines the minimum interval in seconds at which the rule synchronisations are to be done. This means that if a default synchronisation is executed at 23:00 at night and the client is started at 6 am with agent startup synchronisation defined, no synchronisation is executed until at least 11 am even if the agent is started/restarted before, as the interval is fixed for 12 hours minimum.

Enable Internet Check for Knowledge Base Update

Yes

Check this box to activate the verification for new versions of the Knowledge Base via the Internet. This value is only applicable to the Patch Manager, for all other devices this value should be deactivated.

Internet Check Schedule for Knowledge Base Update

Every Day , at , 23:00

Click the Edit icon to the right of the field to define or modify the schedule for the Knowledge Base update via Internet. Select the desired values from the options in the appearing window.

Automatic Knowledge Base Update after Check

Yes

Check this box to automatically update the configuration files with the newly found version of the files. If activated this option only downloads the file if the file is of a newer version than the version currently available on the Patch Manager, or if the Force Parse parameter is activated. It then directly updates the local file.

Upload New Inventory if New Version is Detected

No

If a new version of the Knowledge Base is detected on the Patch Manager, it automatically launches a new patch inventory scan via the respective operational rule and uploads the results.

Patch Process Interval (sec)

60

Manages the patch module thread execution, defining the interval in seconds at which requests on the database are executed.

Archiving of Downloaded Patches after Publication


Defines if the patches are stored in the download directory of the Patch Manager after the patch custom package was created and successfully published to the Master. If the option Move is selected, you need to fill in the following field Path for Local Patch Repository which defines the path to the local storage location.

Path for Local Patch Repository

Defines the local path which the patch module checks if the patch to be downloaded is already available locally there before actually downloading it from the Internet.

Download Retry Count

1

Specifies the number of retries for a patch download.

Download Retry Interval (sec)

300

Defines the interval in seconds between each retry for the patch download.

Block Patch Installation

No

Check this box to prepare the patch installation on all targets of the group for execution, without launching the installation itself.

Maximum number of concurrent downloads

3

Defines the number of patches that can be downloaded simultaneously.

Download Patch From InternetNo

Select this check box if you want to force the agent download the patch directly from the internet. It can be useful in case the bandwidth between the agent and its parent is not good enough for a large file download. If this option is enabled on a relay, the patches are retained in the Filestore Downstream, so that they can be downloaded from its children.

Was this page helpful? Yes No Submitting... Thank you

Comments