Patch caching

N-able N-central probes use two caching systems, to store install files and databases. Each has a specific purpose. Learn more.

If you have a small group of devices you do not need a probe cache. You can set up a patch profile that instructs devices to go directly to Windows Update for their patches. For more information, see Patch management profiles.

Patch cache is a location within a customer environment where the probe downloads and stores Windows and third party patches for future distribution to the client devices as defined by the patch profile. Using the patch cache alleviates heavy network and bandwidth use when many devices downloading patch files by directing all patch downloads from a single local source.

A patch cache is typically one of the probes or the only probe in your customer's environment.

If you have a large environment or have a number of roaming devices, increase the cache size to 60 GB from the default 40 GB. This ensures that required patches are available for the roaming devices when they connect with the network after a few weeks. You can also configure firewall rules to ensure roaming devices only connect to the local probe relative to the device's location.

Downloaded patches remain in the cache folder to ensure any new devices have immediate access to the required patches. To maintain cache size, Patch Manager deletes the oldest cached files as required when the cache storage is near capacity.

Modify the patch caching options

  1. At the SO or Customer level, click ConfigurationPatch Management.
  2. In the Patch Caching section, click Manage Probes.
  3. Click the probe name and click the Caching tab.
  4. Set the probe caching parameters and click Save.

The Monitoring Data Persistence options are not related to the patch cache.

Once the probe reaches the cache size limit, it overwrites the oldest or newest data, depending on your configuration. The cache location can be any UNC path in your environment that can accommodate a large volume of data.

Google Chrome patching is not supported on Windows 2008 and Windows 2008 R2.

N-able recommends that you determine where you want to locate the cache and set it before patch management goes live in that environment. If you decide to change the location, N-able N-central begins moving the data to the new location immediately, which could cause issues if patch updates are occurring. Avoid changing the location multiple times in a short period of time, as it can cause patching issues.

Probes with patch caching enabled

When patch caching is enabled, the probe needs to have access to software vendor's web sites to download the installation software. The probe stores the installation software in the patch cache, and accesses it during patching maintenance window.

Adding the web sites below to the firewall allow list ensures that patching can run without interruption due to blocked downloads.

Agents only requires access to the Server In The Sky (https://sis.n-able.com or http://sis.n-able.com).

Device Type Vendor server URL

Device with probe and caching enabled, or with agent without caching enabled.

  • Server In The Sky (SIS)- https://sis.n-able.com or http://sis.n-able.com

  • 7-Zip - https://www.7-zip.org/

  • Adobe Acrobat - http://ardownload.adobe.com

  • Adobe Reader - ftp://ftp.adobe.com/

  • Adobe Air - http://airdownload.adobe.com/

  • AdoptOpenJDK - https://adoptopenjdk.net/

  • Apple Products - http://appldnld.apple.com/

  • Flash - https://fpdownload.adobe.com/

  • Foxit - http://cdn09.foxitsoftware.com/

  • Google Products - https://dl.google.com

  • Java 6, 7- http://javadl.sun.com/

  • Java 8 - http://javadl.oracle.com/

  • KeePass - https://keepass.info/download.html

  • Mozilla Products - https://download-installer.cdn.mozilla.net

  • SeaMonkey - http://download.cdn.mozilla.net/

  • Notepad++ - https://notepad-plus-plus.org/

  • Opera - http://get.geo.opera.com/

  • PuTTY - https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

  • Shockwave - http://www.adobe.com/

  • Skype - http://download.skype.com/

  • TeamViewer - https://dl.tvcdn.de/

  • WinRAR - http://www.rarlab.com/

  • WinZip - http://download.winzip.com/

  • VLC - http://download.videolan.org/

  • Zoom - https://zoom.us/download#client_4meeting

  • Windows feature updates - http://fg.ds.b1.download.windowsupdate.com/*
    http://wsus.ds.b1.download.windowsupdate.com/*

  • Regular Microsoft Patches, including security only - http://download.windowsupdate.com/*

Device with agent with caching enabled.

  • Server In The Sky (SIS) - https://sis.n-able.com or http://sis.n-able.com