Custom Patch Management for Windows Policies
Every aspect of Patch Management for Windows from the type of protection offered, including the scan schedule, remediation action (i.e. what to do when a patch is discovered as missing based on severity), alerting behavior is controlled via policies.
Default policies are available with the ability to setup custom policies (as well as edit the defaults) to precisely match both the company and client's protection requirements.
Custom policies are based on an existing policy and once created, choose edit to configure the new policy to match your precise requirements. Where a policy is no longer needed, and is not in use on any devices, it may be removed from the dialog.
You can Add, Edit or Delete policies via the Patch Management Feature Policies dialog;
Create a New Policy
- Click New.
- Enter a Policy Name for identification.
- Choose an existing policy to Base policy on.
- Select the device type the policy is available for in Policy Type.
- Click Add to create.
We recommend you create Client specific policies because they enable you to create policies that precisely match client requirements, and they can be combined with the Manage Feature Policies for Client Group feature. This feature allows users in the Client Group to manage their assigned policies. Since any changes will affect the devices using that policy, we do not recommend using shared policies with this feature.
Edit a Policy
- Select the target policy and Edit (or double-click on the policy).
- Configure the policy sections as required:
- General Settings.
- Patch Status Check (Scan).
- Approval Policy.
- Installation Schedule (including reboots).
- Failed Patch alerting.
- Save to apply.
Delete a Policy
- Select the policy.
- Click Delete.
- Confirm deletion.
You cannot delete system policies, or policies that are currently in use on a device.