This section describes Windows Patch Scanning. SapphireIMS can be configured to do patch scans on target systems with reference to patches released by Microsoft, reconcile and arrive at the missing patches and then based on the administrators approval, to post automation jobs to carry out patch updates.
On the SapphireIMS menu, go to ‘IT Automation' and click ‘Patch Management’. Select the 
'Windows Patches' option.
Click the 'Patch Scan' tab to view results of the patch scan. Number of entries to be displayed in the listing screen can be selected from the drop down at the top right hand corner of the screen.
Select the 'Patch Type' as 'OS Patches' for managing Windows OS Patches or as 'Third Party Patches' for managing Third Party Application Patches. Refer to the topic IT Automation->Patch Management->Third Party Patch Management (TPPM) for more details on Third Party Patch Management.
Click on the 
icon to customize the fields to be displayed.
You can filter the listing based on the 'Organizational Unit Tree' or any of the other criteria for the 'Custom Fields'. Select a custom field and select the 'Criteria' to filter and enter the value in the Search box.
You can also search for a Host by entering the 'Host Name'.
Refer to Advanced Search to create profiles for filtering and viewing the scan list.
Scans can be scheduled or on-demand. Refer to the topic Settings->Software Management->Patch Management Wizard->Windows Patch Scanning and Deployment Settings for details on scheduling scans. For on-demand scans, refer to On-Demand Patch Scan.
'Scan Result' column shows the status of the last scan performed on the target node. Patch scan status is any one of the following:
|
Click on the target machine in the Patch Scan screen to view the missing security updates, missing roll-ups and service packs and installed patches for that system.
You can optionally configure alternative patch deployment parameters on a patch by patch basis. To change these parameters for a Patch, go to 'IT Automation' > 'Patch Management' > 'Patch Scan' screen. Click on a host to get the missing patches. Select the Patch (KB Article) and change the Source URL and Download Location parameters.
The Advance Search option allows setting up of search profiles and saving them for subsequent use.
Click on the '+' next to Advance Search. The Advance Search Panel is displayed.
Select one or more 'Categories' of nodes like Laptop, Desktops etc.
Select one or more 'Domains'.
Select one or more 'OS'.
Additionally filters will be displayed where applicable and these can be applied on 'System Type', 'Scheduled Time' for when patch scan was initiated or when last scan was done. A 'Time Scale' can specified. In additions the list can be filtered by the patch scan 'Error Description' returned in the last scan.
Based on the selection the list is filtered to display the nodes which match the criteria.
The configured profile can be saved for future use.
Click on the 
icon. The profile addition screen pops-up.
Enter a 'Profile Name' and 'Description'.
Select the 'Access Type' as 'Public' if the profile is made visible to others or as 'Private'.
Click on 'Save'.
The saved profile appears on the left hand menu.
To edit the profile, click on 
.
To delete the profile, click on 
.
Select the target systems and click the 'Scan' button to perform on demand scan of the target systems. A pop-up is displayed.
You can select the Patch scan mode as 'Offline' or 'Online'.
Select the Scan Time as 'Now' or as 'Later' and specify a time.
Select the 'Priority' and click on 'Save'.
Notes:
1. Retry Count and Retry Interval will assume default values of one and
one hour respectively, when 'On-Demand' patch scan is selected.
2. In case of MSP edition, a drop down box for 'Site' selection is visible.