Automatically Deploying Patches

Show Me!

A video tutorial is available on this topic. To access the video, click the following link:

Watch a related video (04:37)

Overview Information

Security Controls can be configured to automatically deploy all missing patches to machines after a scan is performed. When performing domain scans, this can be especially useful as it provides a one-step update. The automatic deployment is performed by enabling the proper deployment package options on the Agentless Operation page.

Here is how you configure Security Controls to automatically deploy missing patches following a scan:

  • Choose one of the following stage deployment package options:
    • Immediately after the scan: The staging process will begin immediately after the scan is complete. The staging steps include creating the deployment package and copying the package to the target machine.
    • Schedule at: Enables you to choose the date and time at which the staging process will occur. It is not necessary for the machine that performed the scan to be available at the scheduled deployment time.
  • Choose a deployment template to use during the patch deployment.
  • Choose one of the following Install the patch(es) options:
    • Install immediately after staging: The staged patches are installed immediately on the target machine.
    • Schedule at: The staged patches are installed on the target machine at the time of your choosing.
    • Install at next reboot (no login required): The staged patch files will not begin until the next time the target machine is restarted.

    Offline hosted virtual machines are the exception, for them the deployment process will begin immediately. For more details see Deploying Patches to Virtual Machines.