Deployment Template: Hosted VMs/Templates Tab

This tab allows you to remove old snapshots during the patch deployment process. If you want to schedule the removal of old virtual machine snapshots without having to perform a deployment, see Scheduled Snapshot Maintenance.

This tab only applies if you have virtual machines in your network that are hosted on one or more VMware servers. It enables you to specify if snapshots will be taken of the hosted virtual machines (or of hosted virtual machine templates) immediately before and/or immediately after patches are deployed to the virtual machines. This tab does not apply to virtual machines that reside on workstations.

What is a virtual machine snapshot? A snapshot captures the state, configuration, and disk data of a virtual machine at a given time. Snapshots are useful for storing states that an administrator or user might want to return to at some point in the future.

Complete snapshots are taken of offline virtual machines and of virtual machine templates. If a virtual machine is online at the time of the patch deployment the memory state will not be included in the snapshot—this will quicken the process and reduce the amount of time that the online virtual machine is affected.

There are reasons why you may choose to NOT take a snapshot. You may have a limited amount of disk space, or you may have performance concerns. Taking a snapshot reduces the performance of the virtual machine while the snapshot is being created.

Field

Description

Take pre-deployment snapshots

If enabled, indicates that Security Controls will take a snapshot of the hosted virtual machine or the hosted virtual machine template before deploying missing patches or product levels. Taking a snapshot of the environment is a good precaution to take in the event there is a problem with the deployment or if at some point you simply want to revert to the original environment.

Take post-deployment snapshots

If enabled, indicates that Security Controls will take a snapshot of the offline virtual machine or virtual machine template after deploying missing patches or product levels. Taking a post-deployment snapshot of the environment is a good idea in the event there is a problem down the road and you want to revert to a time immediately following the patch deployment.

Maximum snapshots Security Controls will manage

If enabled, indicates the maximum number of snapshots that will be maintained for each offline virtual machine or virtual machine template. Only snapshots created by Security Controls are counted. If the threshold is exceeded the oldest snapshot is deleted. The threshold is checked each time a new pre-deployment or post-deployment snapshot is made.

Snapshots are saved to disk and require a certain amount of storage space. It is important to limit the number of snapshots to avoid needless consumption of storage space.

Delete old snapshots created by Security Controls (age in days)

If enabled, indicates the number of days a snapshot created by Security Controls will be allowed to exist. Snapshots older than the specified number of days are automatically deleted. The threshold is checked each time a new pre-deployment or post-deployment snapshot is made.

You can choose to manage snapshot retention both by the number of snapshots and by the snapshot age. In this case, when a pre- or post-deployment snapshot is requested, all snapshots created by Security Controls that are older than the specified number of days are deleted. If the number of remaining snapshots still exceeds the maximum number specified, the oldest of those will be deleted until only the maximum number specified remain.