Remediate Assets & Asset Groups


These are the following topics in this document :

Viewing Missing Patches for Assets & Asset Groups

From the Asset Details view, click on the Remediate button --> Deploy Patches link to view the list of missing patches for the asset, based on the latest scan on the asset. You get to see a list of missing patches for the host with the following information :

For Asset Groups, from the Asset Group Details view, click on the Remediate button --> Deploy Patches link to view the list of missing patches for the asset group, based on the latest scan on the asset group. You get to see a list of missing patches for all the hosts that are a part of this group. The information displayed here is the same as for Asset Details.

Deploying Missing Patches

From the patches list view (from Asset Details view or Asset Group view), you can select the patches of interest and click on the 'Deploy Patch' button.

 

Before commencing the actual deployment, Security Manager Plus checks if the patches selected are already downloaded and available locally in the Security Manager Plus server. If not, a download request is first initiated and the patches in question are downloaded from the vendor websites via the internet. Once the patches are available locally, they are then copied to the remote systems and executed. The transfer of the patches from the Security Manager Plus server to the remote systems is via secure means (https). Therefore tampering of patches and installation of inappropriate hotfixes is completely eliminated.

 

On clicking the Deploy Patch button, you will be led to a patch deployment configuration screen. Make the necessary configurations as below, and click on the 'Deploy' button. This will bring up a Deployment Status screen with information on the progress of the deployment.

 

Deployment Scheduling

 

From the Deployment configuration screen, you can choose to deploy the selected patches instantly (select the 'Deploy Now' radio button) or schedule the deployment at a later time (select the 'Deploy Later' option and set the date and time).

The scheduled date and time of the patch deployment task can be later changed. To do so, go to Admin ----> Task Status page and click on the corresponding patch deployment task. In the task details page, there will be a link to 'Reschedule' the task. You can configure a new date and time for the task here.

 

Restart Options

Restart

 

Security Manager Plus automatically determines if rebooting the system is required after patch deployment, for the installation to complete successfully. The radio button in the restart options is set accordingly. You have the provision to change the options, but it is best advised to let the configurations remain.

 

If the restart option is selected, you further have options to configure the time interval to wait before the system reboots itself. You can also force the applications to close automatically.

 

Shutdown

 

If you wish to bring the system to a halt after patch deployment has been completed, you can choose the 'Shutdown' option.

 

If the shutdown option is selected, you further have options to configure the time interval to wait before the system shuts down. You can also force the applications to close automatically before shutting down.

 

Don't Restart

 

This option is for patches that do not require a restart of a system after deployment

Alert Message

 

After the deployment is complete, you can configure a custom message to be displayed in the affected system. 

 

MS Office Media Configuration

 

When MS Office patches are a part of your selected list of patches, you will see a configuration section where you will need to specify the MS Office CD path or AIP path. Refer to Configuring MS Office Media Location for more information.

 

Timeout Configuration (only for SP deployment)

 

The estimated minimum time taken in minutes, for the deployment of an SP to complete, is specified here by default. You can increase the timeout value if you are operating on a low-end machine or on a slow network. If the deployment of the service pack takes longer than this duration, you will get an intimation in the Status Window to this effect and then the service pack deployment task will proceed till a system preset time.

 

E-mailing Deployment Status

 

The status of the deployment can be intimated by e-mail to any e-mail address (ideally the administrator's e-mail ID) that is configured here. Enter any number of e-mail addresses in the text-field provided; separated by comma. A report will be sent to those IDs when the deployment task is completed.

 

Pre-Deployment Notification

 

If you wish to be notified of a patch deployment schedule via e-mail, before the actual patch deployment happens, you can select this option and configure the number of minutes before which the notification e-mail has to be sent. The notification will be sent to the same e-mail IDs configured in the above field.

Viewing Service Packs for Assets & Asset Groups

From the Asset Details view, click on the Remediate button --> Deploy Service Packs link to view the list of missing service packs for the applications detected in the asset, based on the latest scan on the asset.

From this list, you can identify which service pack is available and which is missing. You can then proceed to download and deploy the missing service pack for each product, one at a time.

 

The other details in the service pack view are same as the ones in missing patches view.

 

 

From the Asset Details view, click on the Remediate button --> Deploy Service Packs link to view the list of missing service packs for the applications detected in the asset, based on the latest scan on the asset.

 

Deploying Patches from Patches Snapshot in the Dashboard

Patches can be deployed from the Dashboard displayed in the Home tab. From the Dashboard, select the Patches tab to view the patches snapshot. You can refer to the Patches Snapshot for more information on various options available by which patches can be deployed.

 

Deploying Patches from Patch Groups

You can also deploy groups of patches to entire system groups. Refer to Patch Groups for more information.

 

Deploying All Missing Patches

You can deploy all the missing patches in your network at one shot from Admin tab --> Action section -->  Deploy Patches screen.

 

 

 


Copyright © 2010, ZOHO Corp. All Rights Reserved.
ManageEngine