Related Articles

How it works?

 Patch Management using Patch Manager Plus is a simple two-stage process:

  • Patch Assessment or Scanning
  • Patch Download and Deployment

Patch Management Architecture | Distribution Server - Agent


Patch Management Architecture | Roaming Users

Patch Assessment or Scanning

Patch Manager Plus server resides at the Zoho Corp. site and repeatedly probes the internet to draw vulnerability information from the Microsoft and other websites. You will have to create an account with Patch Manager Plus and install agents on the computers, which needs to be managed. Once the agents are installed, the management activities are performed using the agents. Patch Manager Plus periodically scans the systems in your network to assess the patch needs. Using a comprehensive database consolidated from Microsoft's and other bulletins, the scanning mechanism checks for the existence and state of the patches by performing file version checks, registry checks and checksums. The vulnerability database is periodically updated with the latest information on patches, from the Central Patch Repository. The scanning logic automatically determines which updates are needed on each client system, taking into account the operating system, application, and update dependencies.

On successful completion of an assessment, the results of each assessment are returned and stored in the server database. The scan results can be viewed from the web-console.

Patch download and deployment

Distribution Server is a component, which is installed in the remote office. Distribution server synchronizes the missing patch details from the Patch Manager Plus server and downloads the missing patches from the respective vendor's website. The downloaded patches are further distributed internally for patch deployment. Once the deployment is completed, the status is updated back to the Patch Manager Plus server. 

In case of Roaming Users, the agent synchronizes the missing patch details from the Patch Manager Plus server and downloads the missing patches from the vendor's website, which is then deployed in the machine. Once the deployment is completed, the status is updated back to the Patch Manager Plus server.