Security Controls

Patch Task

The patch function enables you to manually start and stop patch tasks. A patch task will scan for software patches and service packs that are missing from the machine. The scan will run in the background, allowing you to continue working while the scan is being performed. Scan results are reported on the Overview pane.

Depending on how you configured the patch task, if the scan detects one or more missing patches it may automatically deploy the patches. Patch deployments, if they occur, are recorded in the patch log in the right-hand pane.

Refer to your corporate security policy for recommendations on if you or your end users should manually perform a patch task. For example, some organizations may require a patch task every 30 days, or it may be required for machines that have been powered off or disconnected from the network for an extended time. Other organizations may implement regularly scheduled patch tasks and may not allow manual patch tasks.

Available Buttons

Depending on how you have configured the program, you may or may not have access to all the features described here.

Stop task

Stops the patch task currently in progress. A message is recorded in the patch log whenever you stop a task. If there is no active task, this button will be disabled.

 

Patch tasks

Depending on how you have configured your agent policy, there may be no tasks or several tasks listed here.

Each patch task contained in the Run patch task list will have a unique name. When you click a task name it starts a patch scan of the computer. The scan is performed using the unique options that were configured for the patch task.

Informational messages about the status of the scan are displayed in the right-hand pane. The scan results can be viewed in the Overview pane.

 

Clear patch log

Clears all information from the patch log file displayed in the right-hand pane.

 

Clear retry counts

Clears all patch counters. A unique patch counter exists for every patch the program tries to download and for every patch the program tries to install. A patch counter will increment whenever a patch download or a patch installation fails. Failed download and installation attempts will be recorded in the patch log. If a patch fails to download after 11 attempts or fails to install after 4 attempts the client program will stop trying to deploy that particular patch. The only way to resume the deployment of that patch is to click Clear retry counts.

 

Update patch data

Directs the agent to check in with the system console and download the latest patch data. An end user will typically not need to use this button unless directed by you, the administrator.

 

Patch Log

Informational messages about the status of the target machine's patch tasks are displayed in the right-hand pane. For example, the patch log will record:

Each time a patch task is manually started or stopped

Each time a scheduled patch task is automatically started or stopped

Each time a patch is deployed (installed) on your machine

... and many other patch-related events

There may be a large number of messages displayed in the log. For the most part the messages are low level messages meant to show that the program is doing its job and working to protect the computer. No actions are typically required on your part.


Was this article useful?