Patch management

Security threats to your applications and operating systems have never been more pervasive. Ensuring your organization's computers are properly patched with the latest releases from an ever-growing list of vendors is time-consuming and difficult. Mistakes and delays in the patch process can be extremely costly to the business.

Related topics

Managing-patches

Configuring-Patch-Management

BMC Client Management Patch powered by Ivanti®, automatically scans your environment and identifies which devices are missing which patches. It also provides administrators with options for quick deployment of critical fixes to ensure compliance and reduce the risk of a security breach or incident, including the option to set once and automate the ongoing patching for operating systems and applications across the environment. Administrators can easily track the progress of patch updates in real time and can utilize built-in wizards to quickly define pre- and post-installation parameters to control how deployment occurs. BMC Client Management Patch Manager tracks and provides patch management options for Microsoft operating systems, Exchange, SQL, and Citrix, as well as a wide range of other third-party applications.

Windows systems that can be patched are:

  • Windows 8 Family, excluding Windows RT
  • Windows 10 Family
  • Windows 11 Family
  • Windows Server 2012 Family & R2
  • Windows Server 2016 Family
  • Windows Server 2019 Family
  • Windows Server 2022 Family

To see a list products that BMC Client Management is capable of patching, see https://www.ivanti.com/support/supported-products.

The following table lists the main features of patch management:

Feature

Description

Service Anywhere

Secure and patch local devices or machines across the internet without the need for a VPN.

Automatic bulletin updates

Configure downloads and updates to the vulnerability and patch bulletins catalog.

Set-it-and-forget-it patching

Determine your deployment options, patch criteria, and how you want to deploy patch updates over time - automatically or upon review and approval - with the built-in wizard.

Missing patches view

View a list of missing patches per device with their severity level.

Wake-on-LAN

Distribute patches and other related maintenance tasks automatically, outside of business hours, by waking PCs, deploying patches, and shutting down machines once updates are complete.

Support for Microsoft and non-Microsoft solutions

Deploy patches for such products as Citrix, Exchange, SQL, Mozilla Firefox, Adobe, Apple iTunes, WinZip, and more.

Dynamic groups

Easily target groups of devices for updates based on patching requirements and computer attributes.

Status tracker

Monitor the patching process in real-time and receive detailed information regarding any errors or anomalies so you can take immediate corrective measures.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*