Deployment Policy is an end-to-end customized policy configured by the IT administrators to deploy patches according to the enterprise's needs. The deployment policy also aids in designing a user-specific patching policy, enabling an effective patching system across all the endpoints, managed by the enterprise irrespective of its location.
When you deploy a software or a patch using Endpoint Central, you can specify multiple Deployment Settings like when to install, whether the user can skip deployments, reboot policies, etc. These deployment settings can be created as Policies, which can then be used while defining the configurations/tasks. Any policy can be marked as a default policy, so that it will be applied by default for all subsequent configurations/tasks that are created.
There are several ways to create deployment policies: Policies can be created from the Deployment Policies page. You can reach the Deployment Policies page by,
Each enterprise has its unique set of rules and regulations with a customized working pattern to gain maximum returns. The deployment of the patches might sometimes hinder the productivity of the systems due to high bandwidth consumption. To avoid this, the admin can customize the Deployment schedule.
To do this,
If you wanted the configuration to be deployed to the computers, which are turned off, then you can enable the check box to "Automatically wake computers before deployment". Enabling this option, will allow the administrators to deploy the configuration to the target computers, which are within the network but turned off. If the target computers are available in the Corporate LAN/WAN network, then those computers will be turned on using our Wake On LAN feature and the configuration will be deployed. This feature will not work for computers which are not available in the corporate LAN/WAN. This Wake On LAN feature, will be applied to computers based on their local time zone. For example: If the deployment time specified in the product server is 20:00 hours, then the deployment will happen to computers, whenever the local time on the computer becomes 20:00 hours.
You can choose to configure the Pre-Deployment Reboot settings. The admin can customize the settings such that the servers can be excluded from the reboot. This feature is especially included to prevent system downtime. The admin can also skip the reboot process for the machines that do not require one. The users can get notified about the system reboot through a customized notification message.
You can choose to configure the Pre-Deployment User Notification.
You have successfully created a deployment policy. This policy can be applied to any configuration. Note that, the Deployment Policy can be modified or deleted by clicking the Actions button.
NOTE: This is only applicable for MacOS patch
You can further fine-tune the deployment process to align with your specific needs by configuring the deployment settings. By customizing this setting, you can ensure that only authorized users with the necessary roles can modify the deployment policies. The deployment policies are associated with various configurations and tasks related to the deployment process and modifying these policies should be limited only to authorized users with the necessary roles and permissions. Users with the appropriate roles such as Administrators, Policy owners, Patch Management Write access and Software Deployment Write access are granted the privilege to modify deployment policies. The ability for only authorized users to modify the deployment policies helps in maintaining the consistency of the endpoint's deployment process.