North America
  • North America
  • Europe
  • United Kingdom
  • Asia & Pacific
  • Australia
  • South America
  • Africa

How to enable or disable patch management in a Windows profile

Release Time
06/03/2020
Views
422 times


Click ‘Configuration Templates’ > ‘Profiles’ > open a Windows profile > Click ‘Add Section’ > ‘Patch management’

  • Endpoint Manager lets you remotely install OS updates and patches for 3rd party applications on managed Windows devices.
     
  • You can manually install patches or automate it by creating a patch management procedure and running it on selected devices.
     
  • The patch management section in a Windows profile lets you disable or enable patch operations on endpoints.
     
  • This setting affects:
     
    • On-demand patch operations
       
    • Scheduled patch operations
       
    • Patch installations via procedures
       
  • Patch operations are allowed if you don’t add this section in the first place, or if you disable the ‘Turn off...’ setting.

Add patch management section to a profile

  • Login to Comodo One / Dragon
     
  • Click 'Applications' > 'Endpoint Manager'
     
  • Click 'Configuration Templates' > 'Profiles'
     
  • Click the ‘Profiles’ tab
     
  • Open the Windows profile applied to your target devices
     
    • Open the 'Patch Management' tab

      OR
       
    • Click 'Add Profile Section' > 'Patch Management', if it hasn't yet been added


 

The patch management settings interface has two tabs:

  • Operating System - Enable / disable Windows OS patching
     
  • Third Party Applications - Enable / disable patching 3rd party application patches

Click ‘Save’ to your apply your settings.

Further reading:

How to install and manage patches on Windows devices

How to add a patching schedule to a profile

How to configure and run procedures on managed devices