Central Patch repository gets updated periodically with the details of the latest patches that are released by Microsoft, Apple, Linux and other 3rd party vendors. Every Patch Manager Plus server has a local Patch Database, in order to perform patch management activities. Enterprises need to sync their local Patch Database with the Central Patch Repository to ensure that their database is up-to-date. All the endpoints in the network are scanned for missing patches based on the local Patch Database information. It then lets you schedule the time at which the local patch database synchronizes with the central Patch repository. By default, this sync is scheduled to the time at which the Patch Manager Plus server is installed.
Though there could be a lot of patches released frequently, not every enterprise has the need to manage all those patches. Administrators can also configure patch DB settings to manage patches specific to different OS platforms as well as third party applications. All the computers will be scanned for missing patches based on the types of patches specified.
For example, you can choose to manage patches related to Mac operating system and only Windows 3rd party applications. Then, computers will be scanned for missing patches related to "Mac OS and Windows 3rd party applications".
To configure the Patch Database settings, follow the steps below:
Click the Admin tab to invoke the Admin page.
Click the Patch Settings -> Patch Database Settings icon
Select the types of Patches that you wish to manage, like Windows, Mac, Linux or 3rd Party Patches. If you want to manage only Microsoft patches or 3rd party patches for Windows Operating System, you can specify it accordingly. Enabling Microsoft update checkbox lets you manage all the Microsoft update types. You can further drill down and enable each type of Microsoft update individually. This provides you the feasibility to customize Patch Management based on your requirement. If you select only Microsoft update, the local patch database will sync all the update details from the Central Patch Repository, but the computers will be scanned for missing patches related to Microsoft alone.
Refer the image below to understand how you can enable or disable specific update types based on your needs:
The "Enable Scheduled Vulnerability Update" will be selected by default. To disable scheduler, clear this option.
You need to specify the time for the patch database to be synchronized. This will happen everyday.
Click Save Changes to save the configuration.