This topic describes Third Party Patch Management (TPPM) for Windows systems.
Note: In the case of Linux,
Application patch management is similar to OS Patch management and the
patches can be managed under Linux by selecting 'OS Patches' in the 'Patch
Type' field in the Linux Patch Management screens,
In the case of Windows SapphireIMS uses software catalogs hosted by Chocolatey to reconcile and identify missing patches.
The steps are similar to Windows Patch Management and include patch scanning, getting the missing patches and deploying them.
On the SapphireIMS menu, go to ‘IT Automation' and click ‘Patch Management’. Select the 
'Windows Patches' option.
Click the 'Patch Scan' tab to view results of the patch scan. Number of entries to be displayed in the listing screen can be selected from the drop down at the top right hand corner of the screen.
Select the 'Patch Type' as 'Third Party Patches' for managing Third Party Application Patches.
Click on the 
icon to customize the fields to be displayed.
You can filter the listing based on the 'Organizational Unit Tree' or any of the other criteria for the 'Custom Fields'. Select a custom field and select the 'Criteria' to filter and enter the value in the Search box.
You can also search for a Host by entering the 'Host Name'.
Refer to Patch Management->Windows Patch Management->Windows Patch Scan->Advanced Search to create profiles for filtering and viewing the scan list.
Scans can be scheduled or on-demand. Refer to the topic Settings->Software Management->Patch Management Wizard->Windows Patch Scanning and Deployment Settings for details on scheduling scans. For on-demand scans, refer to Patch Management->Windows Patch Management->Windows Patch Scan->On-Demand Patch Scan.
'Scan Result' column shows the status of the last scan performed on the target node. Patch scan status is any one of the following:
|
Click on the target machine in the Patch Scan screen to view the missing updates.
You can click on the Patch ID column against any of the missing patches to get the patch details including the Source Location for the patch and the file download URL. These can be edited and saved.
After the patch scan is done, the list of missing patches are displayed for approval.
To approve a patch for the normal
systems or critical systems, on the SapphireIMS menu, point to ‘IT Automation' and click ‘Patch Management’. Select the 'Windows Patches' option. Click 'Missing Patches' tab. This screen
displays all the missing patches in your network.
Select 'Patch Type' as 'Third Party Patch'.
In the ‘System Type’ drop down box select ‘Normal Systems’ or ‘Critical Systems’ as required.
In the ‘Approval Type’ drop down box select ‘Not Approved Patches’.
You can filter the listing based on the 'Organizational Unit Tree'.
Use the search filter to select a search criteria like ‘KB Article’, ‘Status’, 'Approval Status' or ‘Bulletin ID’ and then enter the value in the Search Box.
Refer to Patch Management->Windows Patch Management->Windows Patch Scan->Advanced Search for using the Advanced Search options. In Advanced Search you can also select based on a 'Custom Field'. Select a 'Custom Field' and select the 'Criteria' to filter and enter the value in the Search box.
Select the patches and click the ‘Approve' button. This process approves the patch for the selected system type where the patch is missing.
You can also select patches and click on 'Disapprove' button to move an approved patch to the disapproved list.
On the SapphireIMS menu, point to
‘IT Automation' and click
‘Patch Management’. Select
the
'Windows Patches' option.
Click 'Missing Patches' tab.
Select 'Patch Type' as 'Third Party Patch'.
In the 'Approval Type' drop down box, select 'Approved Patches'.
In the ‘System Type’ drop down box select ‘Normal Systems’ or ‘Critical Systems’ as required.
You can filter the listing based on the 'Organizational Unit Tree'.
Use the search filter to select a search criteria like ‘KB Article’, ‘Host Name’, 'Status' or ‘Bulletin ID’ and then enter the information in the search text and click on 'Search'.
Refer Patch Management->Windows Patch Management->Windows Patch Scan->Advanced Search for using the Advanced Search options.
Select the approved patches and click the 'Deploy’ button. This process deploys the patch in the affected systems where the patch is missing. You can also click on 'Disapprove' button to move an approved patch to the disapproved list.
You can deploy multiple patch across all the affected systems or choose to apply a path to selected systems only. For deployment of patches across all systems, refer to Patch Management->Windows Patch Management->Windows Patch Deployment->Patching all systems. For deployment of patches selectively refer to Patch Management->Windows Patch Management->Windows Patch Deployment->Patching selective systems only.
Deployment of patches might require a restart of the target system. Once the deployment is done and that patch requires a restart, the Reboot Reminder Settings dialog box is displayed to on the target system.
On the SapphireIMS menu, point to
‘IT Automation' and click
‘Patch Management’. Select
the
'Windows Patches' option.
Click 'Patch Deploy' tab.
Select 'Patch Type' as 'Third Party Patch'.
The status of the patch deployment
is displayed. Click on the
icon to customize the status view.
The status of the patch deployment is shown. If patch deployment has failed for a system, select the systems for which the patch has to be redeployed and click on the 'Redeploy' button.
Patch deploy status can be any of the following:
|
The status will be checked and updated after 15 minutes from the time the patch is sent for deployment to the target system.