Hi Team,
We are managing Windows and macOS in our environment so to patch 3rd party S/w which is the best policy to use and how frequent we can run the policy?
Ref: Third-Party Patching Best Practices – Automox
Thanks,
Shoaib
Solved
Third Party Software Updates
Best answer by JohnG-Automox
Hi
I recommend using either the Patch Only or Advanced Policy for patching your third party apps.
Typically I’ll scope two policies based on the application’s patching behavior:
- titles that require user interaction (meaning the app will be shut down in order to patch or will not patch while running).
- titles that do not require notifications (can patch while the app is running without disruption to your end users).
You can see the patching behavior of each Automox Supported 3rd party title here:
https://help.automox.com/hc/en-us/articles/5352033229076-Third-Party-Patching-Best-Practices
Here are some example scenarios from my recommendations above:
Policy Name: Multi-OS (Linux, MacOS, Windows) - Third Party Updates (no notification required)
Policy Type: Patch Only
Scope: Scope your desired Automox Supported Third Party titles that do not require a notification. These are applications under the “App is NOT shut down in order to patch” column in this article:
https://help.automox.com/hc/en-us/articles/5352033229076-Third-Party-Patching-Best-Practices
Schedule: Aggressive. A few days a week, or in between your other patch policies.
Install Notifications and Restarts: Both are disabled.
Policy Name: Multi-OS (Linux, MacOS, Windows) - Third Party Updates (notification required)
Policy Type: Patch Only
Scope: Scope your desired Automox Supported Third Party titles that require a notification. These are applications under the “App will NOT patch when running” and “App is shut down in order to patch” columns in this article:
https://help.automox.com/hc/en-us/articles/5352033229076-Third-Party-Patching-Best-Practices
Schedule: Aggressive. A few days a week, or in between your other patch policies.
Install Notifications and Restarts: Both are disabled.
I recommend taking a look at our Automox University course that goes into detail about the topic:
https://university.automox.com/third-party-patch-policies
Have a great day!
Hi
I recommend using either the Patch Only or Advanced Policy for patching your third party apps.
Typically I’ll scope two policies based on the application’s patching behavior:
- titles that require user interaction (meaning the app will be shut down in order to patch or will not patch while running).
- titles that do not require notifications (can patch while the app is running without disruption to your end users).
You can see the patching behavior of each Automox Supported 3rd party title here:
https://help.automox.com/hc/en-us/articles/5352033229076-Third-Party-Patching-Best-Practices
Here are some example scenarios from my recommendations above:
Policy Name: Multi-OS (Linux, MacOS, Windows) - Third Party Updates (no notification required)
Policy Type: Patch Only
Scope: Scope your desired Automox Supported Third Party titles that do not require a notification. These are applications under the “App is NOT shut down in order to patch” column in this article:
https://help.automox.com/hc/en-us/articles/5352033229076-Third-Party-Patching-Best-Practices
Schedule: Aggressive. A few days a week, or in between your other patch policies.
Install Notifications and Restarts: Both are disabled.
Policy Name: Multi-OS (Linux, MacOS, Windows) - Third Party Updates (notification required)
Policy Type: Patch Only
Scope: Scope your desired Automox Supported Third Party titles that require a notification. These are applications under the “App will NOT patch when running” and “App is shut down in order to patch” columns in this article:
https://help.automox.com/hc/en-us/articles/5352033229076-Third-Party-Patching-Best-Practices
Schedule: Aggressive. A few days a week, or in between your other patch policies.
Install Notifications and Restarts: Both are disabled.
I recommend taking a look at our Automox University course that goes into detail about the topic:
https://university.automox.com/third-party-patch-policies
Have a great day!
Hi John,
Thanks for the info!
We are planning to install monthly patches (Tuesday patches) and 3rd Party patches on same day and time. so, in this case does both policies will run (i.e., Patches will get installed for both monthly and 3rd Party) for same device group?
Do we have any conflicts? if two policies are run at the same time on same group.
Thanks,
Shoaib
Hi
Having two patch policies that have the same schedule and are assigned to the same group will result in a conflict. Whatever patch becomes available to the device first will execute and install. Patches from the other policy will wait until the next scheduled time to update.
That said, we recommend staggering your patch policy’s times and schedules to avoid overlap. Typically a 1 hour buffer between policies is sufficient, but you can tweak this to the policies you’re scoping.
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.