Security Controls

Performing Patching in a Disconnected Environment

If you have a console that is operating in a disconnected environment, you must perform a few extra steps before the console is ready to be use for patch management tasks.

1.Install and activate the console.

See:

Performing a New Installation

Activating the Program

2.Update the program files.

Another option is to use a distribution server.

a. On a Ivanti Security Controls console that is connected to the internet, update the current data files on it by selecting Help > Refresh files.

This will download the latest scan engines and XML data files to the following folder:

C:\ProgramData\LANDESK\Shavlik Protect\Console\DataFiles

b. Copy all the files in this folder to a media that can be transported to the disconnected console.

c. Copy all the files to the same folder on the disconnected console.

3.Download missing patches.

Once the data files are updated on the disconnected console you can begin performing patch scans of your inside (non-networked) machines. Before you can deploy missing patches you must locate and transfer the missing patches to the disconnected console.

a. Use Machine View to view the list of missing patches.

b. Export the list of missing patches to a .csv file by selecting all missing patches and then using the Export selected patches to CSV right-click menu.

You can use the .csv file as a reference when downloading the patches from the Internet-facing console. Another option is to generate a report that lists the missing patches.

c. On the Internet-facing console, use the Patch View smart filters to locate the patches that are missing on the disconnected console.

d. Right-click the patches and download them to the Internet-facing console.

The downloaded patches are stored in the following directory:

C:\ProgramData\ LANDESK\Shavlik Protect\Console\Patches

e. Copy all the files in this folder to a media that can be transported to the disconnected console.

f. Copy all the files to the same folder on the disconnected console.

The disconnected console can now deploy patches to the inside machines.

Related Topics

Console Software and Hardware Recommendations

Port Requirements and Firewall Configuration

Distributed Environment Management

Configuring Agentless Patch Management

Best Approach for Applying Patches in an Agentless Environment

Automating Patch Management in an Agentless Environment

Agent-Based Patch Management

Agent Rollout Options

Installing and Supporting Agents on Internet-Based Machines

Agent-Based Product Level and Patch Deployment Process

Guide to Surviving Patch Tuesday

Microsoft SQL Server Database Maintenance


Was this article useful?