Patch caching for multiple sites

The patch cache is a storage area in the customer environment where the probe downloads and stores Windows and third-party patches for future distribution to client devices, as defined by the patch profile. Using a patch cache reduces network and bandwidth usage by preventing multiple devices from downloading patch files individually. Instead, all patch downloads come from a single local source.

Network Efficiency

In environments with multiple or remote locations, devices attempt to connect to each known probe and download patches from the one that responds fastest. To optimize bandwidth, ensure that laptops and other roaming devices download patches from a probe in their local area.

Firewall Configuration

You can use firewall rules between locations to block patch and other probe connections. This prevents roaming devices from downloading patches across a VPN. To block these connections, include ports 10004 and 15000 in the firewall rule.

Roaming Devices

When roaming devices connect to a new location, they attempt to connect to all probes on the list. With firewall rules in place, they can only connect to the local probe for updates.

Cache Size Recommendations

For large environments or those with many roaming devices, increase the cache size to 60 GB. This ensures that required patches are available when roaming devices reconnect after several weeks.

For more information see:

• Patch caching

• Patch and probe cache on remote sites

• Patch cache vs. probe cache