Management and Security

Patch impact analysis (2019 and newer)

When patching devices, it can be hard to know what files and applications a patch affects. Patches that break what they are patching or that affect other applications are a critical concern. What if you had a simple way to determine what devices in your organization are affected by a patch? What if you could easily create an optimal pilot group for a set of patches based on how likely devices in that group will be affected by those patches? With patch impact analysis, introduced in Endpoint Manager and Security 2019.1, you can do all of these things.

Patch impact analysis relies on the client user feedback agent, which is disabled by default. This agent enables real-time monitoring of file changes and deletions made by patches. It detects application crashes and reports that data to the core server. It also has an optional client-side user interface so users can manually report application crashes.

Patch impact analysis requires a learning period that helps it work more effectively. Enabling the client user feedback agent on as many devices as possible accelerates the learning period.

End users have to run applications that get patched on their devices for the technology to learn and determine dependencies between applications and patches. For the impact analysis algorithm to make more accurate predictions, users will have to report a broken application or the technology needs to auto-detect a crashed application due to a patch.

 


Was this article useful?