Automating antivirus definition updates
How to optimize Definition Updates for Anti-virus in Patch Manager Plus?
Definition Updates for Anti-virus can be enabled in Automated Patch Deployment. These updates are supported for various anti-virus applications like Windows Defender, Mcafee etc., Patch Database syncs with the Central Patch Repository every 1 hour to get the latest Definition Updates for Anti-virus. These updates will be deployed to the client machines immediately in the subsequent refresh cycle.
Steps in creating an APD task for antivirus definition updates
- Go to the Deployment tab and choose the "Automated Patch Deployment" option.
- Select an appropriate name and description for the APD task.
- The first tab lets you select the applications for which you need to create an APD task.
- Across options like Microsoft applications and third-party applications, select antivirus definition updates.
- Proceed with the configuration of deployment policies, targets, and notifications and click create.
Best practices for deploying antivirus definition updates
Certain Anti-virus applications like Windows Defender release Definition Updates on average 5-6 times a day. Each Definition Update consumes 160 MB of disk space. This can result in high bandwidth consumption
You can limit the bandwidth consumption by creating a separate APD task for Anti-virus Definition Updates with the following recommendations:
- Create a deployment policy for Definition Updates which has deployment window for a shorter time and map it with the APD task.
- Disable 'Download patches during subsequent refresh cycle' under pre-deployment settings in the deployment policy for which the APD task is mapped, to avoid over-consumption of bandwidth.
Note: If you want to neglect Definition Updates for Anti-virus, you can disable it in Patch Database settings.