Create/Delete: Patch Policy
Patch Management > Patch Policy: Create/Delete
- This page applies to the following products: On Premises, Kaseya Advanced, Kaseya Essentials, IT Center
The Create/Delete page creates or deletes patch policies. Patch policies contain all active patches for the purpose of approving or denying patches. An active patch is defined as a patch that has been reported by a patch scan by at least one machine in the VSA. Any machine can be made a member of one or more patch policies.
For example, you can create a patch policy named servers and assign all your servers to be members of this patch policy and another patch policy named workstations and assign all your workstations to be members of this policy. This way, you can configure patch approvals differently for servers and workstations.
- The patches of machines that are not a member of any patch policy are treated as if they were automatically approved.
- When a new patch policy is created the default approval status is pending approval for all patch categories.
- The default approval status for each category of patches and for each product can be individually set.
- If a machine is a member of multiple patch policies and those policies have conflicting approval statuses, the most restrictive approval status is used.
- Initial Update and Automatic Update require patches be approved before these patches are installed.
- Approval by Policy approves or denies patch by policy.
- Approval by Patch approves or denies patches by patch and sets the approval status for that patch in all patch policies.
- KB Override overrides the default approval status by KB Article for all patch policies and sets the approval status for patches associated with the KB Article in all patch policies.
- Patch Update and Machine Update can install denied patches.
- Non-
Master role users can only see patch policies they have created or patch policies that have machine IDs the user is authorized to see based on their scope.
Create
Click Create to define a new patch policy, after entering a new machine patch policy name in the edit field.
Delete
Click Delete to delete selected patch policies.
Enter name for a new patch policy
Enter the name for a new patch policy.
Select All/Unselect All
Click the Select All link to check all rows on the page. Click the Unselect All link to uncheck all rows on the page.
Edit Icon
Click the edit icon to the left of a patch policy to rename it.
Policy Name
Lists all machine patch policies defined for the entire system.
Member Count
Lists the number of machines that are members of each patch policy.
Show Members
Click Show Members to list the members of a patch policy.
|