MacOS patch via MDM (2022 SU3, beta)

Ivanti Endpoint Manager 2022 SU3 adds support for macOS patching via MDM. Devices must be enrolled in MDM for this to work. (12:00) This can happen through a right-click or through patch and compliance. When using patch and compliance, MacOS patching will happen through MDM if the device is MDM, otherwise the patch will fall back to being applied by the vulnerability scanner.

MacOS devices have a new right-click menu item. Available options come from.... (15)

MDM Actions > Update OS

Schedule OS update dialog box::

Update: List of available updates.

Installation method: Default, Download only, Install ASAP, Notify only, Install later, Install & force restart. The install & force restart happens without any input from the user, so be careful using that one. Click the tooltip for details about how each of these options work. (6:30)

Max user deferrals: Available when Install later is selected.

High priority: When selected, initiates the update as a high priority process as if the user started it themselves. Otherwise, the update happens in the background at a lower priority as resources are available.