Configuring Deployment Policies
When you deploy a software or a patch using Endpoint Central, you can specify multiple Deployment Settings like when to install, whether the user can skip deployments, reboot policies, etc. These deployment settings can be created as Policies, which can then be used while defining the configurations/tasks. Any policy can be marked as a default policy, so that it will be applied by default for all subsequent configurations/tasks that are created. There are several ways to create deployment policies:
Policies can be created from the Deployment Policies page. You can reach the Deployment Policies page from the following places:
- Patch Mgmt -> Deployment Policies
- Software Deployment -> Deployment Policies
Follow the steps below to create a Policy manually:
- Navigate to Admin -> Configuration Settings -> Deployment Policies
- Click Create Policy
- Specify a name for the policy
- Preferred week split: There are two options for choosing the split, namely, the regular split and the one based on Patch Tuesday. The latter one operates from the second Tuesday of every month until the next Monday based on the Patch Tuesday releases, while the former one is the normal week split.
- Specify the schedule for the deployment to happen, it can be done on any day of the week or on specific days. If you wanted the deployment to happen only on weekends, you can select only Saturdays and Sundays.
- Specify the Deployment Window. Deployment window is the time interval, when you wanted the deployment to happen on the client computer. You can specify a time interval between 3 hours to 24 hours. It is recommended to provide a minimum of 3 hours, so that the agent will be able to communicate with the product server at least once during this deployment window to receive inputs from the product server to initiate the deployment.
- You can specify the Start and End time within which the deployment should begin. The Start Time can also be greater than the End time - in such cases the End time is assumed to be on the following day. For example, if you wish the deployment should happen between 10.00 PM and 4.00 AM, you can specify the Start Time as 22:00:00 and End Time as 04:00:00
- If the deployment has not been completed within the specified deployment window, then the deployment will be continued only during the subsequent deployment window. For example, if you have deployed a configuration for installing 5 patches and deployment window expires while installing the third patch, then the remaining patches will be installed only during the subsequent deployment window.
Deploy Configuration to computers that are shutdown:
If you wanted the configuration to be deployed to the computers, which are turned off, then you can enable the check box to "Turn On Computers before deployment". Enabling this option, will allow the administrators to deploy the configuration to the target computers, which are within the network but turned off. If the target computers are available in the Corporate LAN/WAN network, then those computers will be turned on using our Wake On LAN feature and the configuration will be deployed. This feature will not work for computers which are not available in the corporate LAN/WAN. This Wake On LAN feature, will be applied to computers based on their local time zone, for example: If the deployment time specified in the product server is 20:00 hours, then the deployment will happen to computers, whenever the local time on the computer becomes 20:00 hours.
Download Binaries during subsequent refresh cycle : Enabling this option, will download the binaries to the client computers prior to the deployment window. The binaries will be downloaded during the subsequent refresh cycle, system startup or deployment window whichever is earlier and the deployment will be initiated only during the specified deployment window. Else, the binaries will be downloaded only during the deployment window and the deployment will be initiated after the download is completed.
- Enter the "Title of the Message" that needs to be displayed on the client computer before initiating the Deployment
- Enter the message that needs to be displayed on the client computer before initiating the deployment
- Notification message will be displayed on the client computer based on the time limit specified here.
- Enabling "Deployment Progress" checkbox will display the deployment progress on the client computers.
- Specify whether the user can skip the deployment, to a later time by selecting the "Allow Users to Skip Deployment". When you do not select this option, the deployment will be forced and the user will not have any control on the deployment.
- If the deployment progress has to be shown on the client computers, enable "Show deployment progress in the client computers" option.
- If you wanted to allow Users to Skip Deployment, specify it here. If you have chosen this option and the user has not responded, then the message will be displayed for the specified time limit and then the deployment will be initiated.
- Specify the number of days after which the deployment needs to be forced on the computer. By choosing this option, users will be allowed to skip deployment only for the number of days specified above, after which the deployment will be forced on the client computer.
- Specify the time limit for the deployment to be initiated if the system is idle. For example, you have specified the idle time limit as 30 minutes and a configuration is scheduled to be deployed on a computer at 10:00:00 hr as per the deployment window. If this particular computer has been idle since 9:30:00 hr, then the deployment will be initiated by 10:00:00 hr. without prompt the user, or displaying any notification message.
Under Reboot Policy, select the action that needs to be performed as Reboot or Shutdown after deployment is completed.
- If you have chosen for a reboot/shutdown and you do not want to disturb your servers, then you can choose this option to exclude servers from reboot/shutdown.
- Specify if you wanted to allow users to postpone reboot.
- Enter the Reboot Message Title that needs to be displayed on the client computer.
- Enter the message that needs to be displayed before the computer is rebooted.
- Specify the time limit for the notification message to be displayed on the client computer. If you have chosen this option and the user is has not responded, then the computer will be rebooted.
- You can set the maximum number of days allowed for the users to postpone reboot, after which reboot will be forced on the client computer.
- You can also enable a check box, which allows you to skip computers, which does not require a reboot.
- Click Save to save the changes.
You have successfully created a deployment policy. This policy can be applied to any configuration.
The following features are currently supported only for computers running Windows operating system
- Turn on computers before deployment
- Download binaries during subsequent refresh cycle
- Notification Settings
- Postpone reboot
Modifying the Policy:
All the Policies that are created can be used to create any configuration/task.
Follow the steps mentioned below to modify a policy:
- From Admin -> Configuration Settings -> Deployment Policies.
- Under Actions against the specific Policy, click modify icon, read and accept the confirmation message.
- Make necessary changes to the Policy and Click Save to store the changes.
You have successfully modified the Policy. Assume the policy that you have modified is used in few configurations, then the changes made to the policy will automatically get applied to all the configurations/tasks to which this policy was applied.
For example, you have created a policy named Sample and applied to configuration A and automatic patch deployment task B. Configuration A has been deployed to 10 computers, where the configuration is deployed successfully to 6 computers and the remaining 4 computers' deployment status is "yet to deploy". If the policy "Sample" is modified now, then the changes will get applied to the remaining 4 computers whenever they are deployed. Similarly changes made to the policy "sample" will get applied automatically to patch deployment task B from the subsequent schedule.
Deleting the policy:
Deleting a policy will not affect the configurations to which it was applied.
Follow the steps mentioned below to delete a policy:
- From Admin -> Configuration Settings -> Deployment Policies.
- Under Actions against the specific Policy, click delete icon, read and accept the confirmation message.
You have successfully deleted the policy. If this policy is applied to any configurations/tasks, you can still see the policy being listed with the remarks saying "deleted". This will be automatically removed when the configurations/tasks to which it is used is deleted. However this policy cannot be modified or applied to any other configuration/task. You can view the details of the policy by selecting the policy under Deployment Policies and choosing Policy details. You can also view the configurations to which the policy is applied by selecting the policy under Deployment Policies and choosing Configurations/Tasks.