Automating antivirus definition updates

How to optimize Definition Updates for Anti-virus in Patch Manager Plus?

Definition Updates for Anti-virus can be enabled in Automated Patch Deployment. These updates are supported for various anti-virus applications like Windows Defender, Mcafee etc., Patch Database syncs with the Central Patch Repository every 1 hour to get the latest Definition Updates for Anti-virus. These updates will be deployed to the client machines immediately in the subsequent refresh cycle. 

Steps in creating an APD task for antivirus definition updates

  1. Go to the Deployment tab and choose the "Automated Patch Deployment" option.
  2. Select an appropriate name and description for the APD task.
  3. The first tab lets you select the applications for which you need to create an APD task.
  4. Across options like Microsoft applications and third-party applications, select antivirus definition updates.
  5. Proceed with the configuration of deployment policies, targets, and notifications and click create.

Best practices for deploying antivirus definition updates

Certain Anti-virus applications like Windows Defender release Definition Updates on average 5-6 times a day. Each Definition Update consumes 160 MB of disk space. This can result in high bandwidth consumption

You can limit the bandwidth consumption by creating a separate APD task for Anti-virus Definition Updates with the following recommendations:

  1. Create a deployment policy for Definition Updates which has deployment window for a shorter time and map it with the APD task.
  2. Disable 'Download patches during subsequent refresh cycle' under pre-deployment settings in the deployment policy for which the APD task is mapped, to avoid over-consumption of bandwidth.

Note: If you want to neglect Definition Updates for Anti-virus, you can disable it in Patch Database settings.