Patch DB is a storage medium known as "repository" located at the ManageEngine site. This holds all the data and information of the patches released by the vendor websites. The Patch Database is periodically updated with this information after an intensive analysis and testing conducted by ManageEngine.
Endpoint Central's Patch repository is updated periodically, with the details of the latest patches that are released by Microsoft, Apple, Linux and other 3rd party vendors. Every enterprise has a Patch Database, to perform patch management activities using Endpoint Central. Enterprises sync their Patch Database with the Endpoint Central Patch Repository to ensure that their database is up-to-date. All the machines are scanned for the missing patches, only based on the Patch Database. Configuring the Patch Database Settings, refers to the time interval during which the Patch Database will sync the patch details from the Endpoint Central's Patch Repository.
Patches are getting released everyday. With millions of patches in circulation, not all enterprise will need this whole list of patches. Enterprise must select the patches that are required only for their managed network and act accordingly. IT admins can configure preferences to download and add patches to their list. Administrators can choose to use patch management for patching a specific type of Patch like, OS related patches or third party patches etc. IT admins can also decline patches, if required. To do this, administrators use the "Decline Patch" feature. All the computers will be scanned to identify the missing patches, based on the selection. For example administrators can choose to install only patches related to Mac operating system and 3rd party patches related to windows operating system. Then computers will be scanned to identify the missing patches related to "Mac, Linux and 3rd party patches related to windows operating system".
A patch becomes a superseded patch if the vendor releases a patch or an update that replaces or includes that patch. IT admins can choose to enable or ignore the superseded patches. Administrators can choose to enable "Superseded Patches" (Windows only), if the organization wishes to deploy the superseded or older patches.
Administrators can schedule the time at which the vulnerability database information is updated. The admin can also get notified about the synchronization by configuring the notification server settings.
To configure the Patch Database settings, follow the steps below:
Navigate to the Admin page.
Under the Patch Settings, select Patch Database settings
Users can select the type of patches that are to be managed. These patches can be selected individually for the provided Operating Systems. This feature is provided to ensure maximum feasibility of the Patch management activity. Endpoint Central will receive updates from patch repository on the whole irrespective of the type of patches selected. Once Patch Database sync is completed, the managed computers will be scanned and only missing patches related to selected patches will be listed.
"Enable" the Superseded Patches under "Superseded Patches Settings", if the organization requires the addition of superseded or older patches.
"Enable" the Schedule Vulnerability Database Update and fill in the fields to activate the patch database sync.
If you wish to receive the notifications on the patch database settings, provide your email address in the corresponding field.
Click Save to enable the patch database sync settings.
Related Articles: SuSE Linux Settings, Red Hat Linux Settings