Getting started with patch management
Patch Management consists of four consecutive steps:
- Scanning: Selecting devices/device groups and scanning them for patches.
- Assessing: Assessing the results of the scan arranged in Missing Patches/Service Packs and Installed Patches/Service Packs. You can order the results, for example, by severity or product name.
- Deploying: Selecting patches/bulletins/service packs and deploying them to the affected devices.
- Monitoring: Monitoring the deployment progress and the results.
By executing these four steps your devices are protected from potential attacks. Additionally for each step you have several options to further automate and optimize your processes.
You have the following main options for improving your patching processes:
- Automating scan: Setting up Patch Management to automatically scan your devices for missing patches/service packs according to your schedule.
- Scheduling deployment: Deploying patches at times of low network load (like over night) to maintain CPU capacity during the working day.
- Generating patch reports: Generating reports in different formats (PDF, HTML, XML) to visualize and track patching results.
- Automating patch download: Automatically downloading patches based on certain criteria (severity, product name, etc.) to ensure they are immediately available for deployment.