Automate Windows, Mac and Linux patching from a centralized console
Once the vulnerabilities in your network are identified and assessed, the next step is to drive them to closure. Vendors often release patches to address vulnerabilities in their product. Patch Management should be carefully planned and orchestrated. If not, it would cause more harm than the vulnerabilities it is supposed to address. Vulnerability Manager Plus' inbuilt patch management module helps you automate complete patching while letting you customize every aspect of patching process.
Heteregeneous, multi-platform patching:
- Manage patches of Windows, Mac, Linux across servers, laptops, desktops, virtual machines, remote and roaming devices from a centralized console.
- Deploy Windows security updates, non-security updates, Service packs, rollup updates and feature packs.
- Make use of pre-built, tested Linux packages along with dependencies, Linux kernal patching and multiple Linux distro patching.
- Identify and deploy Mac security and non-security patches in real-time.
- Seamlessly patch 500+ third party applications including Adobe, Java, Firefox, etc.
- Deploy definition updates to Windows Defender Antivirus and Mcafee Virusscan Enterprise antivirus softwares.
Test and approve patches:
- Create a test group that is identical to the production environment.
- Automatically test patches for for incompatibility, unintended bugs or any other installation failure issues.
- Once tested, you can choose to approve patches either manually or automatically.
- Successfully tested and approved patches will be taken up for Automated Patch Deployment tasks.
Automated patch deployment:
Achieve cradle to grave automation in patching right from detecting missing patches in all the endpoints, downloading them respective vendors, testing them out for stability till deploying them to production machines.
- Keep abreast of frequent release of patches from multiple vendors.
- Schedule scans by time, computer, group or user-defined collections of computers and continuously monitor missing patches on the endpoints.
- Select the criteria of patches you wish to deploy and select target machines/ groups for your deployment, and let patch management takes care of everything else.
- Gain Periodic updates on patch deployment status and redeploy failed patches without having to lift a finger.
Deployment policies:
Customize your patch management process on when and how patches should be deployed to users' machines, and what should happen after patch deployment.
- Configure preferred weeks, days and window for deployment based on your needs.
- Initiate deployment either during system start-up or refresh, or whichever is earlier.
- Wake shut down computers before deployment using Wake-ON LAN feature.
- Download patches on the client machine during subsequent refreshes, even before the deployment window.
- Notify users on deployment, allow them to postpone deployment or force deployment on their machines.
- Carefully craft shutdown, reboot policies for critical machines like web servers, database servers, etc.
Decline patches:
- Decline patches to specific group of computers and legacy applications.
- Decline the deployment of patches found 'problematic' during pre-testing process.
- Delay the deployment of less critical patches by declining them initially.