Tutorial. Patch Management

Similar documents
Tutorial. Inventory Methods

SQL Server 2008 R2 Express Edition Installation Guide

SharePoint List Filter Favorites Installation Instruction

SharePoint Wiki Redirect Installation Instruction

BitDefender Security for Exchange

WhatsUp Gold v16.3 Installation and Configuration Guide

GETTING STARTED WITH SQL SERVER

Moving the TRITON Reporting Databases

Managed Antivirus Quick Start Guide

Moving the Web Security Log Database

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode

Nintex Workflow 2010 Installation Guide. Installation Guide Nintex USA LLC, All rights reserved. Errors and omissions excepted.

WhatsUp Gold v16.1 Installation and Configuration Guide

3 Setting up Databases on a Microsoft SQL 7.0 Server

STATISTICA VERSION 9 STATISTICA ENTERPRISE INSTALLATION INSTRUCTIONS FOR USE WITH TERMINAL SERVER

Providing Patch Management With N-central. Version 7.2

LANDesk Management Suite 9.0. Getting started with Patch Manager

SonicWALL CDP 5.0 Microsoft Exchange InfoStore Backup and Restore

Core Protection for Virtual Machines 1

SharePoint AD Information Sync Installation Instruction

QUANTIFY INSTALLATION GUIDE

How To Upgrade Your Microsoft SQL Server for Accounting CS Version

Moving Components of an Amicus Premium Installation

Migrating MSDE to Microsoft SQL 2008 R2 Express

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

Configure SPLM 2012 on Windows 7 Laptop

SlimDrivers User Manual

User Guide - English. ServerView Suite. DeskView and ServerView Integration Pack for Microsoft SCCM

WhatsUp Gold v16.2 Installation and Configuration Guide

Providing Patch Management With N-central. Version 7.1

Juris Installation / Upgrade Guide

SafeGuard Enterprise upgrade guide. Product version: 6.1

STATISTICA VERSION 11 CONCURRENT NETWORK LICENSE WITH BORROWING INSTALLATION INSTRUCTIONS

Print Audit 6 - SQL Server 2005 Express Edition

Administrator s Guide

Windows XP Home Network Setup: Step-by-Step

STATISTICA VERSION 10 STATISTICA ENTERPRISE SERVER INSTALLATION INSTRUCTIONS

Installation Instruction STATISTICA Enterprise Small Business

DataCove. Installation Instructions for Search Plug-in for Microsoft Outlook 2007 & 2010 (All Users)

ContentWatch Auto Deployment Tool

Introduction and Overview

STATISTICA VERSION 12 STATISTICA ENTERPRISE SMALL BUSINESS INSTALLATION INSTRUCTIONS

Installing Windows Server Update Services (WSUS) on Windows Server 2012 R2 Essentials

SonicWALL CDP 5.0 Microsoft Exchange User Mailbox Backup and Restore

Patch Management. Module VMware Inc. All rights reserved

PROJECTIONS SUITE. Database Setup Utility (and Prerequisites) Installation and General Instructions. v0.9 draft prepared by David Weinstein

Shavlik Patch for Microsoft System Center

You must have at least Editor access to your own mail database to run archiving.

Step-by-Step Guide to Securing Windows XP Professional with Service Pack 2 in Small and Medium Businesses

Item Audit Log 2.0 User Guide

Rogue Wave HostAccess 7.40J Installation Guide... 1

Installing LearningBay Enterprise Part 2

Microsoft Business Contact Manager Complete

Microsoft Corporation. Project Server 2010 Installation Guide

Providing Patch Management with N-central. Version 9.1

Customer Release Notes for Xerox Integrated Fiery Color Server for the Xerox Color C75 Press, version 1.0

Project management integrated into Outlook

Aspera Connect User Guide

Symantec AntiVirus Corporate Edition Patch Update

Dwebs IIS Log Archiver Installation and Configuration Guide for Helm 4

How To Install Database Oasis On A Computer Or Computer (For Free)

MyNetFone Virtual Fax. Virtual Fax Installation

Sophos Enterprise Console server to server migration guide. Product version: 5.1 Document date: June 2012

Migrating helpdesk to a new server

ServerView Integration Pack for Microsoft SCCM

Introduction. There are several bits of information that must be moved:

Nexio Connectus with Nexio G-Scribe

HP Softpaq Download Manager and HP System Software Manager

File Management Utility User Guide

User Installation Guide

Cyclope Print Management Software

Installation & Configuration Guide

Defender Token Deployment System Quick Start Guide

HP MediaSmart Server Software Upgrade from v.2 to v.3

How to Schedule Report Execution and Mailing

StruxureWare Power Monitoring 7.0.1

Synchronization with Microsoft Team Foundation Server 2010

Backup & Disaster Recovery Appliance User Guide

Administration Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit

Printer Sharing of the PT-9500pc in a Windows Environment

Sophos Enterprise Console server to server migration guide. Product version: 5.2

Reconfiguring VMware vsphere Update Manager

NETWRIX WINDOWS SERVER CHANGE REPORTER

Managing Software Updates with System Center 2012 R2 Configuration Manager

NetIQ Advanced Authentication Framework - Password Filter. Installation Guide. Version 5.1.0

Driver Updater Manual

About the To-Do Bar in Outlook 2007

Step-by-Step Setup Guide Wireless File Transmitter FTP Mode

Set up My Sites (SharePoint Server

Thinspace deskcloud. Quick Start Guide

Upgrade Guide BES12. Version 12.1

MultiSite Manager. User Guide

Preparing a SQL Server for EmpowerID installation

Outlook basics. Identify user interface elements that you can use to accomplish basic tasks.

Installation Guide - Client. Rev 1.5.0

Installing and Configuring vcloud Connector

Known Issues and Work Around

Table of Contents. CHAPTER 1 About This Guide CHAPTER 2 Introduction CHAPTER 3 Database Backup and Restoration... 15

Install SQL Server 2014 Express Edition

Transcription:

Tutorial Patch Management 2011 DeskCenter Solutions AG

Table of Contents 1. Introduction...3 2. Software deployer...4 2.1 Preparing the software deployer...4 2.2 Configuring software deployers...4 3. Central configuration of patch management...6 4. Patch Groups...8 4.1 Creating patch groups...8 4.2 Group privilege and detailed settings...9 4.3 Assigning and removing computers from a patch group... 11 5. Preparing client systems...13 5.1 SDI agent basic configuration...13 5.2 Activating patch management for client systems... 15 5.3 Deploying SDI Agent...16 6. Patch details...16 www.deskcenter.com

1. Introduction The DeskCenter Management Suite offers you powerful functions for the installation / uninstallation of updates on your client systems and servers. Using patch management, you are capable of installing updates and patches for your Windows-based operating systems. In addition, updates for other Microsoft products as well as drivers for the hardware on your systems can be downloaded and installed. There are a few prerequisites for patch management using DeskCenter Management Studio. The DeskCenter SDI agent must be installed on all client systems and servers. The SDI agent requires a connection to the central DeskCenter database. Moreover, for all client systems and servers, a software deployer must be set up on which all updates are available after download. We recommend reading the Basics of software deployment tutorial. 3 of 18

2. Software deployer 2.1 Preparing the software deployer Software deployers are Windows shares. In principle, software deployers can be set up on any Windows-based system. However, for large networks we recommend the use of server systems in order to obtain optimum performance. Create central folders for your software deployers and authorize them for network access. We recommend the following setup for user access privileges: Share Read access for all Write access for all authenticated users, and Full access for administrators. Security Write access for all authenticated users, and Full access for administrators. 2.2 Configuring software deployers The configuration of software deployers is carried out in Management Studio. To administer software deployers, select the Options / Software deployers menu area. 4 of 18

In the Options / Software deployers dialog, you can create, edit, or delete software deployers. A unique name must be assigned to each deployer. Each deployer also needs a path to the corresponding network share. Don t place a \ character at the end of this path specification. To save the deployer, you will need write access to the share. When the deployer is saved, a 50 kb file named speedtest.bin will be copied to the share. The SDI agent uses this file to test the effective speed to the deployer. 5 of 18

3. Central configuration of patch management The central configuration of patch management is carried out in Management Studio. To do this, in the Software management view, select Patch management. In the Patch management view, the Additional options/manage software groups function on the right side of the page takes you the central configuration for patch management. In the Settings view, patch management can be globally activated or deactivated. The Download target field specifies the deployer on which Windows updates are copied after successful download. If you have more deployers in use, please note that all updates and patches must be copied to this deployer manually. The User privileges menu item is used to specify the privileges the workflow service has to the deployer. Be sure that the user to be used has read and write privileges to the deployer if you select Standard user. If the access from the workflow service to the Internet is only possible through a proxy server, you can also specify that here. In addition the Remove unnecessary patches option can be used to delete patch files that are no longer being used. If Just remove files from deployer is activated, the patch files will only be deleted when approved by the software deployer in use. The patches remain in the data base. Patches will then be deleted, if the patch overview for a patch is found to be in the columns Installed = 0, Waiting = 0, and Not approved = 0. If a patch is not installed on a system, nor is it waiting to be installed or is not approved, then it will be deleted. 6 of 18

In the Download view, set up the settings for download of the update catalog file. This catalog file is needed for the Offline scan for updates by individual clients. You can change the path to this catalog file, but we recommend keeping the default settings. If you want to restore changed settings, you can restore the default value for the download path using the Reset button at the end of the input line. The catalog file is downloaded and updated daily. The Download (hh:mm) field can be used to set the time for this action. The Download menu item can be used to set the time updates are downloaded. An update is only downloaded when a system needs the update and the group settings permit installation or download. 7 of 18

4. Patch Groups 4.1 Creating patch groups In the Software management/patch management view, DeskCenter Management Studio offers the Manage additional options/patch groups to the right of the screen to manage individual patch groups and their privileges. In the Patch groups menu area, you can create, edit, or delete patch groups. To do this, use the database navigation in the lower part of the configuration window. The Scan interval specifies when a client system should check whether new updates are available. The smallest interval that can be selected is once daily. Select the scan type Offline scan to use the catalog file provided on the deployer by the workflow service for the scan. If Online scan is selected, the client connects to the Window Update page on the Internet. If a proxy server is needed for this connection to the Internet, you can make the appropriate settings here. 8 of 18

Select the Global settings option if you want to use the proxy settings stored in the central configuration of patch management. With the Reboot immediately option, you can control the reboot behavior of the client systems in the selected patch group. If this option is activated, the system automatically carries out a reboot if the patch installed needs it. If the option is deactivated, a window is shown on the system requesting a reboot. The user of the system has the option of rebooting immediately or being reminded to reboot at certain intervals. 4.2 Group privilege and detailed settings The Group privileges function specifies how updates are managed. No action: Updates required must be authorized manually for this group. Only after authorization will the workflow service copy the update to the primary deployer. Download only: All updates required are copied immediately to the primary deployer by the primary workflow service. The installation requires manual authorization. Download and installation: All updates required are copied immediately to the primary deployer by the primary workflow service. After the download is complete, the update is installed immediately. Detailed settings: The settings for permissions for downloading and installation of updates are set up in the Detailed settings option. 9 of 18

In the Detailed settings view, you can break down group permissions for updates more precisely. Here, you can set for each Microsoft product which type of update may be installed and/or downloaded. By right clicking on a classification, you can change the settings for that classification for all products at once. By right clicking on a product, you can change the settings for all classifications for the selected product. In the Manual patches view, all updates are later listed that were manually configured for the selected patch group. Double-click on an update to go to the detail view for that update, where you can change settings appropriately. 10 of 18

4.3 Assigning and removing computers from a patch group Assigning computers to a patch group: In the Computers with no group view, you see all computers which have not yet been assigned to a patch group. Right click on a computer to assign that computer directly to the selected patch group. Note that a computer can only be assigned to a single patch group at a time. 11 of 18

Removing computers from a patch group: In the Computers in group tab, you see which computers are in the selected group. Right click on a computer to assign that computer to remove it directly from the patch group. You can assign computers to a patch group in the system overview of the Management Studios, as well, or remove a computer from a patch group. You can find detailed information about this in Chapter Activating patch management for this tutorial. 12 of 18

5. Preparing client systems 5.1 SDI agent basic configuration The Options/SDI Agent menu is used to make system-wide changes to the SDI agent configuration. However, you can also make customized changes to the SDI agent settings for each system. 13 of 18

If the Manual patch scan option is activated, you can instruct SDI agent later to carry out a manual patch scan for the system. You can find detailed information about the individual options for configuration of the SDI agent in the Basics of software deployment tutorial. 14 of 18

5.2 Activating patch management for client systems Before you can use patch management in production, it must be activated for the individual client systems. To do this, the systems must be assigned to the deployer onto which the workflow server copies the updates, and the systems must be assigned to a patch group. To do this, in the Management Studio system overview, select the systems on which patch management should be activated, and select the Edit systems edit function on the right side. Management Studio automatically detects that a multiple selection has been made, and shows the change dialog for a group of systems. Now, in the Change computer group dialog, select the Primary deployer and Patch management fields, then switch to the Settings view to activate patch management and assign the patch group. Then switch to the Software deployment view to assign the corresponding deployer to the selected client systems. Save your changes using the Change computer group button. These settings can already assigned to systems during registration. Please note that the workflow service only copies patches into the deployer stored in the central patch management configuration. If you want to provide patch on other deployers as well, you will have to copy them manually to the other deployers. 15 of 18

5.3 Deploying SDI Agent If it is not yet deployed, install SDI Agent on your client systems. The deployment of SDI Agent is carried out using Management Studio. To do this, in the computer overview, select all the systems on which SDI Agent should be installed. Then select the Install SDI Agent function on the right side of the screen. If you need support for alternative options for deployment of the SDI agent, please contact our support department. You can find more detailed information about installation of the SDI agent on client systems in the Basics of software deployment tutorial. 6. Patch details After a patch scan has been carried out and it is determined that a system requires a certain patch, or a certain patch is already installed on a system, Management Studio gives you the option in the Software management area s Patch management view of displaying more detailed information about that specific patch. The Edit patch function takes you to a more detailed view of the selected patch. In the Details view, the detailed information about a patch is shown. The Status field in the lower table can be used to configure the manual status of an update for that patch group. This status has a higher priority than the group privilege stored for this patch. 16 of 18

Group privilege: The group privilege for this update is used. The current group privilege can be found in the middle column. More information about the group privilege can be found in Chapter Group privilege and detailed settings of this tutorial. Install: The update is downloaded and installed independently of the group privilege of the selected patch group. Do not install: The update is not permitted to install for the selected patch group. Uninstall: The update is uninstalled from all computers in the selected group. Please note that some updates cannot be uninstalled. 17 of 18

The Installed view lists all the computers on which the selected update is already installed. The Not installed view lists all the computers for which the selected update is available but not yet installed. The fields Group privilege and Status show you whether the selected update has been approved for the patch group of this computer. The Error view shows all the computers on which the selected update could not be correctly installed. 18 of 18

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information