The Patch Content Page

Within Ivanti Endpoint Security, you can view all vulnerabilities and software available for deployment from the Patch Content page. This page contains a variety of filters that you can use to view content relevant in your enterprise.

You can open this page by selecting different items from the navigation menu. Depending on the menu cascade you select, the Patch Content page will open with different filtering options pre- selected. The following table lists all the navigation menu cascades you can select to open the Patch Content page.

Menu	Menu Item	Sub-Menu Item
Review	Vulnerabilities	All
		Critical Vulnerabilities
		New Vulnerabilities
		Top Vulnerabilities
	Software	All
		Service Packs
		Software Installers
		Updates
	Other	All
		Detection Only
		Informational
		Packages
		Policies
		Recommended
		System Management
		Tasks
		Virus Removal

To Access the Content

Review content to see which content items are available and which items you may want to deploy to your managed endpoints.

From the Navigation Menu, select Review > My Default Patch View.
Choose filter settings to display the content you're looking for.

The Patch Content Browser

From each page that lists patch content, you can use the Patch Content Browser, a panel that lists Custom Patch Lists, your default patch view, the system view for each patch category. Use this browser to filter the patch content that is displayed, or use it to create a new custom patch list.

The Patch Content Browser is available from all content views selectable from:

Review > My Default View.
Each page selectable from Review > Vulnerabilities.
Each page selectable from Review > Software.
Each page selectable from Review > Other.
The Vulnerabilities/Patch Content of the Groups page.

You can interact with the Patch Content Browser in multiple ways:

Display or hide the Patch Content Browser by clicking the browser Chevron (). However, note that the browser cannot be hidden when using the Groups page.
Type criteria in the field to filter the Patch Content Browser for custom patch lists or system views.
Right-click within Custom Patch Lists to create a new custom patch list, copy an existing list, rename an existing list, delete an existing list, or deploy the list content.
Select a custom patch list from the browser to view the patch content within it. Patch content is displayed on the page list.
Click the , , or icons to create, copy, or delete Custom Patch Lists. System views cannot be deleted.

The Patch Content Browser contains multiple nodes. Selecting each node type changes the content listed on the page.

Branch	Description
CUSTOM PATCH LISTS	Lists all Custom Patch Lists, which are lists of content that include only content items added by a user. For more information, see About Custom Patch Lists. Selecting the root CUSTOM PATCH LISTS node provides controls in the main panel to create new a Custom Patch List or work with recent lists. Selecting a list from the CUSTOM PATCH LISTS hierarchy displays its contents on screen. Each list identifies how many content items are added to it using a parenthetical citation.
My Default Patch View	Lists the patch content according to the default filters, sorting, and column order selected by the logged-in user.
SYSTEM VIEWS	Lists the various default Patch and Remediation content views. The System Views are common filter combinations you can use to quickly sort patch content. For example, selecting the Vulnerabilities system view sets your page filters to Content type: All Critical, Applicability: Applicable, and State: Enabled. Vulnerabilities are patches that fix security vulnerabilities. Software Content installs software, service packs, or other updates. Other Content includes patches that don't fit in the previous two categories, such as policy enforcement or virus removal.

Branch

Description

CUSTOM PATCH LISTS

Lists all Custom Patch Lists, which are lists of content that include only content items added by a user. For more information, see About Custom Patch Lists.

Selecting the root CUSTOM PATCH LISTS node provides controls in the main panel to create new a Custom Patch List or work with recent lists.
Selecting a list from the CUSTOM PATCH LISTS hierarchy displays its contents on screen.
Each list identifies how many content items are added to it using a parenthetical citation.

My Default Patch View

Lists the patch content according to the default filters, sorting, and column order selected by the logged-in user.

SYSTEM VIEWS

Lists the various default Patch and Remediation content views. The System Views are common filter combinations you can use to quickly sort patch content. For example, selecting the Vulnerabilities system view sets your page filters to Content type: All Critical, Applicability: Applicable, and State: Enabled.

Vulnerabilities are patches that fix security vulnerabilities.
Software Content installs software, service packs, or other updates.
Other Content includes patches that don't fit in the previous two categories, such as policy enforcement or virus removal.

The Create Custom Patch List Dialog

You can use this dialog to create custom patch lists, which are static lists of patch content items you have selected from the Patch Content page. You can use custom patch lists to research, recall, deploy, and report on patch content that is commonly used in your enterprise.

Create a custom patch list by entering a List name and clicking OK.
After you a create custom patch list, it is added to the Patch Content Browser on the Patch Content page. The custom patch list is added to the Custom Patch Lists hierarchy.
After creating a custom patch list, you need to add patch content to it afterwards using the Patch Content Browser.
After adding content to your custom patch list, you can deploy it quickly and easily using the Patch Content Browser.

Patch Content Filters

When using the Patch Content page, use the page filters to reduce the list to a manageable scope. This topic describes how each Patch Content page filter works.

Regardless of the navigation menu selection chosen to open the Patch Content page, the same filters are always available. You may need to toggle the Show Filters / Hide Filters button to display them. All filters can be used in combination with each other.

Filters

Name or CVE-ID: Use this field to filter the page by patch name or a patch's Common Vulnerability and Exposures ID.

Content type: Use this drop-down list to filter the page to a certain content type. See Content Types for more information on what content is in each type.

Vendor: Use this drop-down list to filter the page to display content from only certain vendors. All vendors for content replicated from the Global Subscription Service or imported from Ivanti Content Wizard are listed.

When viewing Custom Patch Lists, only applicable vendors are available for selection.

Vendor release date: Use this drop-down list and field to filter the page for content released after (or before) a date that you define. To define a date, either use the calendar icon to select one, or type the date in a mm/ dd/yyyy format.

Applicability: Use this drop-down list to filter the page for content that applies (or doesn't apply) to your enterprise endpoints (or groups).

State: Use this drop-down list to filter the page for content that is in an enabled or disabled state.

Detection status: Use this drop-down list to filter the page for content that has been installed (or hasn't been installed) on endpoints.

Show results for: Use this drop-down list to filter the page for content that applies only to the selected group. Select the Include sub-groups to include the group's child groups in the filtering process.

Content Types

The Content type filters contains a list of selectable content categories. The list below describes what content is includes in each category.

All: Displays all content available from the Global Subscription Service.

All Critical: Displays all content that Ivanti or the vendor recommends for immediate installation.

Critical (NEW): Displays all English language content that Ivanti or the vendor recommends for immediate installation that is less than thirty days old. By default, Ivanti Endpoint Security automatically caches content in this category. After 30 days, critical patches are moved to Critical > 30 Days.

Critical > 30 Days: Displays all content that Ivanti or the vendor recommends for immediate installation that is more than thirty days old. Most security patches are included in this category.

Critical International (NEW): Displays all non-English language content that Ivanti or the vendor recommends for immediate installation that is less than thirty days old. Most of the recent international security updates are included in this category. After 30 days, international patches are moved to Critical > 30 Days. This filter only returns results if you've used the Subscription Service Configuration dialog to select new content languages.

Critical and Not Superseded: Displays all content that Ivanti or the vendor recommends for immediate installation. All patches in this category has not been supplanted by newer patches.

Critical but Superseded: Displays all content that Ivanti or the vendor recommends for immediate installation. Content in this category has been supplanted by new content.

Software All: Displays available software. This category combines the Software, Recommended, and Informational types.

Software Installers: Displays available software installers.

Software Updates (Not Critical): Displays updates to existing software. These patches are not critical to the applicable software's operation.

Not Applicable: Displays content that doesn't apply to your endpoints.

Not Critical: Displays a list of content applicable to your endpoints, but is not critical for security or operations (content listed under All Critical, Critical > 30 Days, and Critical and Not Superseded).

Detection Only: Displays content that contains signatures common in vulnerabilities. This content contains no patches and are only used in the detection process.

Informational: Displays content that detects a condition that Ivanti or the vendor has declared as informational. If the report has an associated package, you may want to install it as your discretion.

Policy: Displays content that impacts policy.

Recommended: Displays content that Ivanti or the vendor recommends installing. The content is not critical or security related, but is useful and should be applied end user convenience.

Tasks: Displays tasks that administrators may use to run various virus detections across their network. Anti-Virus tools and updates are included in this category.

Virus Removal: Displays a list of content that removes viruses and other malware.

Critical & Not Superseded/ Recommended

Displays all content classified as All Critical, Critical and Not Superseded, and Recommended.

The Patch Content Page Toolbar

Each page you can use to deploy content contains a toolbar of common functions. The following table describes the toolbar functions used in each content page.

Button	Function
Enable	Enables a selected disabled content item. For additional information, refer to Enabling Content Globally. If no content items are disabled, Enable is unavailable.
Disable	Disables a selected enabled content item. For additional information, refer to Disabling Content Globally.
Do Not Patch...	Disables the selected patch for specific groups and endpoint that you select. For more information, see Disabling Content for Groups/Endpoints.
Update Cache	Updates the package cache for the selected content item. For additional information, refer to Updating the Cache.
Add to List...	Adds content selected from the page list to a Custom Patch List. For additional information, refer to Adding Content to a Custom Patch List.
Remove	Removes content selected from a Custom Patch List. For additional information, refer to Removing Content from a Custom Patch List.
Deploy...	Opens the Deployment Wizard. For additional information, refer to Using the Deployment Wizard.
Scan Now...	Prompts the Discover Applicable Updates task to launch immediately and scan all agent-managed endpoints within your network for vulnerabilities. For additional information, refer to Scanning Endpoints for Vulnerabilities.
Export	Exports the page data to a comma-separated value (.csv) file. For additional information, refer to Exporting Data. Important: The Enhanced Security Configuration feature for Internet Explorer suppresses export functionality and must be disabled to export data successfully. Pop-up blockers in Internet Explorer or other supported browsers may also suppress export functionality and should be disabled.
Options (menu)	Opens the Options menu. For additional information, refer to The Options Menu.

The Patch Content Page List

Use the page list to view information about each patch and the deployment information for it. The following table describes the Patch Content page list.

Column	Icon	Definition
Status		The content item status, which indicates when the server downloaded the content item metadata. For additional information, refer to Content Status and Type.
Package Status		The cache status for the content item, which indicates if the server downloaded the content item packages. For additional information, refer to Content Icons and Descriptions.
Name	N/A	The content item name, which links to the Patch Status of the item. For additional information, refer to The Patch Status Page.
Content Type	N/A	Indicates the content item type. For more information, see one of the following topics: Vulnerabilities Software Content Other Content
Vendor	N/A	The name of the vendor that created the software in the content item.
Vendor Release Date	N/A	The date and time that the vendor released the software in the content item.
Number of endpoints which came up Patched		The number of endpoints patched with the content item.
Number of endpoints which came up Not Patched		The number of endpoints not patched with the content item.
Total Applicable		The number of endpoints that the content item applies to.
Number of endpoints which came up Do Not Patch		The number of endpoints that administrators have created a patch exception for.
Percent Patched		The percentage of applicable endpoints patched with the content item.

Additionally, you can expand each content item by clicking its arrow (>). The following table describes each field that displays when you expand a content item.

The following detail information appears on this page.

Name	Description
Beta	Indicates if the content item is in beta.
Downloaded on (UTC)	The date and time on which the content was downloaded.
Associated packages	The number of packages associated with the content item.
Packages status	The cache status for the content item packages.
Ivanti Endpoint Security ID	The Ivanti Endpoint Security identifier for the content item.
Custom Patch Lists	A listing of all Custom Patch Lists that the content item is included in.
State	The enabled/disabled/completed status of the content item.
Enabled/Disabled by	The Ivanti Endpoint Security user who last disabled or enabled the content.
Enabled/Disabled date (Server)	The date and time the content was disabled or enabled.
Enable/Disable reason	The reason the user provided for disabling or enabling the content. You can click the Edit link to change the reason.
Vendor product ID	The identifier given to the security content item by the vendor.
Vendor release date/time (UTC)	The date and time the vendor released the software in the content item.
Common Vulnerability Exploit (CVE)¹	The CVE number for the content.
Vulnerability Code Description¹	A description of the vulnerability associated with the content item.
Reference Text¹	The reference text(s) associated with the content item vulnerability.
Description¹	The narrative description of the distribution package. This section may include important notes about the content item and a link to more information.
¹This meta data appears conditionally based on whether it was added for the content item. Additionally, there may be multiple instances of each meta data section.

Note: The page's Content Type filter Software All item combines the following Content Type filter items into one type:

Software
Recommended
Informational

Content Status and Type

An icon in the Status column indicates the status of content items. The menu options and filter criteria that you select determines which content items are displayed. You can set the available filters to display content items of a certain status type.

Status	Description
New	Downloaded from the Global Subscription Service since the last session.
Current	Present content items residing on Ivanti Patch and Remediation.
Tasks	System task package.
Local	Locally created package.
Beta	Released to the Ivanti BETA community.

The following table includes descriptions of the security content status icons.

New	Current	Beta	Status Description
			Active content.
			The content has been disabled.

Content Cache Status and Type

A content item may have any number of packages associated with it. A package contains the patch to address the security issue. Each package may be cached (downloaded) from the Global Subscription Service.

The downloading of packages can occur automatically if the security content item impact is rated as critical or if a deployment has been created for a particular package or content item. Selecting the Package Status icon displays a list of the individual packages associated with the content item.

Content Icons and Descriptions

An icon in the Package Status column indicates the cache status of content items. The menu options and filter criteria that you select determines which content items are displayed. You can set the available filters to display content items of a certain status type.

The content status icons and their status are classified as follows:

New	Current	Tasks	Local	Description
			N/A	The package is not cached.
			N/A	The package has been scheduled to be cached or is in the process of being cached.
			N/A	An error occurred while trying to cache the package.
				The package is cached and ready for deployment.
				The package is currently deploying (animated icon).
				The package is disabled.

Content Name

The names of content items typically include the vendor (manufacturer of the content item) and specific application and version information.