Performing Patching in a Disconnected Environment
If you have a console that is operating in a disconnected environment, you must perform a few extra steps before the console is ready to be use for patch management tasks.
1.Install and activate the console.
2.Update the program files.
Another option is to use a distribution server.
a. On a Ivanti Security Controls console that is connected to the internet, update the current data files on it by selecting Help > Refresh files.
This will download the latest scan engines and XML data files to the following folder:
b. Copy all the files in this folder to a media that can be transported to the disconnected console.
c. Copy all the files to the same folder on the disconnected console.
3.Download missing patches.
Once the data files are updated on the disconnected console you can begin performing patch scans of your inside (non-networked) machines. Before you can deploy missing patches you must locate and transfer the missing patches to the disconnected console.
a. Use Machine View to view the list of missing patches.
b. Export the list of missing patches to a .csv file by selecting all missing patches and then using the Export selected patches to CSV right-click menu.
You can use the .csv file as a reference when downloading the patches from the Internet-facing console. Another option is to generate a report that lists the missing patches.
c. On the Internet-facing console, use the Patch View smart filters to locate the patches that are missing on the disconnected console.
d. Right-click the patches and download them to the Internet-facing console.
The downloaded patches are stored in the following directory:
e. Copy all the files in this folder to a media that can be transported to the disconnected console.
f. Copy all the files to the same folder on the disconnected console.
The disconnected console can now deploy patches to the inside machines.
Tip: Using the sideload process is another option for copying the files to the disconnected console.