Automated Patch Management: You can automate your patch management process - From synchronizing the vulnerability database, scanning endpoints for missing patches, downloading patches from vendor sites, deploying patches to vulnerable systems and also providing reports on the status of your automated patch management tasks.
Multi-Platform Patch Management for 750 applications: One patching solution that helps in automating the patch process for Windows, Mac, and Linux systems and secures your entire infrastructure.
Windows Patch Management: Automates deployment of cumulative and roll-up updates, mitigates security risks across all versions of Windows OS and fixes vulnerabilities in minutes.
Windows 10 Feature Update Deployment: Streamlines the Windows 10 feature update deployment from a single point of console, thus utilizing low bandwidth and mitigates compatibility issues.
Mac Patch Management: Deploys and manages patches to all Mac endpoints from a single console, keeps your Mac clients current with the latest Mac security updates.
Linux Patch Management: Provides on-demand and scheduled patch deployment of Linux related security fixes, thus keeping your Linux flavors from Ubuntu to Red Hat and SuSE, secure and updated with the latest patches.
Third Party Applications Patching: Manage and deploy patches to over 250 third-party applications.
Distributed or Remote Office patch management: Deploy patches and updates to devices in multiple remote office locations as well as roaming users, along with bandwidth optimization.
Distribution Server to utilize low bandwidth: Patch Manager Plus leverages the Distribution Server architecture to streamline the deployment of patches to remote office locations with multiple number of devices.
Centralized Update Process: Lets you deploy third-party application patches - right along with your Microsoft patches - all from a central point of control.
Broadest Third-Party Vulnerable Content: Provides an extensive third-party application catalog.
Provides Pre-built, Tested and Ready-to-deploy Packages: Simplifies third-party patching by making use of pre-built, tested and ready-to-deploy packages for Non-Microsoft applications.
Uninstall Patch: To uninstall a patch, go to Deployment -> Manual Deployment -> Install/Uninstall Patch, and add the patches to be uninstalled.
Deployment Policies: You can create patching policies by selecting the deployment features you want most with native OS and third-party application patching.
Device a deployment policy: This will help to decide when to deploy patches to networks, how and when the deployment will take place.
Notify User about Deployment: Customize your notification settings to get notifications about patch deployment, allow Users to skip deployment.
Turn ON computers before deployment: Wake On LAN feature allows the administrators to deploy the updates to the target computers(which are turned off) which are available in the Corporate LAN/WAN network.
Download Patches/Software during subsequent Refresh Cycle: This feature will download the binaries during the subsequent refresh cycle, system startup or deployment window whichever is earlier.
Choice of reboot policy: Customize reboot policies post-deployment - force reboot/shutdown when User has logged in, allow User to skip or postpone reboot/shutdown.
Test and Approve: An automatic process in which the downloaded patches are first tested and then approved for deployment.
Test Group: You can choose to create multiple test group for different OSes, and test patches before deploying it to the production environment.
Less-to-no downtime: You can schedule the deployment to non-production hours to reduce downtime.
Disable auto updates: You can choose to disable automatic Windows updates from being deployed to Windows devices.
Decline patches: You can choose to decline specific patches or all patches pertaining to a specific application, and it can be declined to all computers or a specific group of computers
Exclude problematic patches by declining them: This option helps in avoiding the deployment of patches that might cause unprecedented issues in client systems.
Decline patches to legacy applications: Systems might break down due to compatibility issues and hence it is recommended to stop an application from getting updated by declining them to the required custom groups
Delay the deployment of less critical patches by declining them initially: Prioritize the deployment of highly critical patches by delaying the deployment of less critical patches which can be declined temporarily.
Decline patches to critical systems such as Server OS: Prioritize what patch goes in first and what patches need to be declined so that critical systems are not slowed down due to abrupt disruptions or reboots.
Ability to roll-back declined patches for deployment: The declined patches can be moved back from the decline list and later can be added for deployment.
Ensuring patch compliance: When an endpoint is detected to be non-compliant, the platform automatically acts to bring the endpoint back into compliance.
System Health Policy: A compliance policy that can be used to define standards that identify if systems are non-compliant, based on the severity of the missing patches.
Powerful patching reports: Run comprehensive reports, easily filter data and share results with other in a variety of formats.
Security news feed: This feed lists the latest security news about patch updates, security breaches, risks, fixes, etc.
Interactive dashboards: These dashboards are browser-based, interactive, and can be accessed from anywhere, anytime you need it.
Patches report:
Missing patches awaiting approval: This report will list down all missing patches that have been unapproved for deployment.
Vulnerable patches report: Lists missing patches and details of the affected systems in your network.
Supported patches report: Provides the details of all the patches released irrespective of whether they are relevant to your network or not.
Remote Office Patch Summary: Lists down the number of missing patches, installed patches, applicable patches, healthy & vulnerable systems.
Systems report:
Vulnerable systems report: Lists details of the healthy and vulnerable systems in your network.
Systems requiring reboot: Lists all the systems in which reboot has to be scheduled.
Customizable query reports: You can retrieve the required information from the database using the Query Report.
Custom views with 'Save as filter': Provides various filters and an option to save them for future use.
Schedule reports and target email notifications: Provides flexibility in scheduled report generation and email notifications to push important data to interested parties.
Configuration Reports: Lists the details about patch configurations applied to each user/computer.
Critical Vulnerability Report: Displays all the updates for zero and critical day vulnerabilities.
