Patch caching for multiple sites

The patch cache is a location within a customer environment where the probe downloads and stores Windows and third party patches for future distribution to the client devices as defined by the patch profile. Using the patch cache, prevents heavy network and bandwidth use from many devices downloading patch files, and directs all patch downloads from a single local source.

In some cases, a customer can have many and distant locations. When a device connects to the network, it tries to connect to each known probe and downloads what it needs from the one that replies the fastest. To ensure the most efficient use of bandwidth, you want to ensure that when a laptop connects to the network and downloads any needed patches, it does so from the probe in the local area.

You can use firewall rules between locations to block the patch and other probe connections. This restricts the roaming devices from downloading patches from across a VPN. Include ports 10004 and 15000 in a firewall rule to prevent other probe connections.

If you have roaming devices, when they appear in a location, they will attempt connections to the list of probes, and only be able to connect to the local probe to get updates.

If you have a large environment or have many roaming devices, increase the cache size to 60 GB. This ensures that required patches are available for the roaming devices when they connect with the network after a few weeks.

For more information see:

• Patch caching

• Patch and probe cache on remote sites

• Patch cache vs. probe cache