Skip to main content

I'm switching from another patching solution and everything is scheduled off Patch Tuesday. I'm noticing that my schedule for November will start patching on the week BEFORE Patch Tuesday. I've also noticed that there are certain days that I cannot patch, for example, I couldn't patch on Sundays this month because the 2nd Sunday this month was a week before my patch window.

This way of doing scheduling doesn't make any sense and it needs to be changed. When patching is entirely based off of Patch Tuesday, it would make sense that patching software works off of that schedule as well.

For example, this is my “Tier 1” schedule for servers that get patched the week of Patch Tuesday. They won't be patched on that week for November 2023. This way of scheduling patches is inherently broken and doesn’t match how actual patching schedules work.

 

 


@dkehoe have you tried using the Patch Age offset under Package Targeting? Using an Advanced Patch Policy with a Patch Age offset with a weekly or daily patching schedule enables a predictable patching schedule regardless of what day various vendors like Apple, Google, Mac or Linux release the patch. 

 

Leveraging patch age and a re-occurring patch window, I’m able to send patches through groupings of devices like DEV  > TEST > STAGING > PRODUCTION each with with more days than the last.

 

 

 

 

 

 


Echoing this, the Automox calendar is cumbersome at best.

I frequently have to adjust the calendar for my patching policies multiples times a month because it’s impossible for me to set the patching schedules I want and just leave it alone. This month is a perfect example--I want to patch on the 21st and the 22nd with a single policy and device group. Can’t be done.

Because in order to select the 21st you need to pick the 3rd week and Saturday. But then if you want the 22nd you need to select the 4th week and Sunday. Which will then mean it tries to patch on the 15th and the 28th.

So I have to wait until the 15th has passed before I can set the policy schedule, and then I’ll need to hop back in after the 22nd to disable the policy so it doesn’t try patching again.

And then next month I’ll have to do it again

If someone patches over the weekend then Automox’s calendar is an automated system that will create more work for you by using it.


Reply