The OneSite Patch Express setup wizard provides step-by-step guidance for your first introduction to Patch Express. The wizard walks you through automatic deployment of patch remediation for each patch vulnerability level (Critical, High, Medium, and Low). You may use Patch Express on its own, or use Patch Express with an integrated partner product.
Welcome |
Use the guided setup to configure OneSite Patch Express to meet the needs of your organization. See Welcome to OneSite Patch Express. |
Enablement |
Enable automatic deployment of patch remediation for the specified vulnerability level.. See Use Copy From. |
Remediation Schedule |
Schedule automatic remediation of the specified patch vulnerability level . See Select a Remediation Schedule. |
Detection Integrations |
Enable detection integrations for the specified patch vulnerability level. See ???. |
Patch Pre-staging |
Enable content pre-staging to download all patches to applicable and licensed devices prior to deployment. See Enable Patch Pre-staging. |
Deployment Notifications |
Notify administrators about the specified patch deployment. See Configure Deployment Notifications. |
Approval |
Setup approval before deploying the specified patch vulnerability level patches. See Configure Deployment Approval. |
Test Deployment |
Deploy the specified patch vulnerability level patches to a test group before production deployment. See Configure Test Deployment. |
Test Approval |
Setup approval before deploying the specified patch vulnerability level patches to test devices. See Configure Test Approval. |
Complete |
Complete the OneSite Patch Express Setup process and save the settings to the server. See Complete OneSite Patch Express Setup. |
After you have completed the OneSite Express installation, the Guided Setup wizard starts automatically. You may choose to walk through it immediately to start and configure auto-remediation, or cancel the wizard and come back to it later. To prevent the wizard from starting automatically, see Enable or Disable Guided Setup.
Select Begin to get started. Your first step is Integrations.
When you have completed at least one configuration for a remediation level, you can easily create new levels using the same details, and then customize only those details that might be different, such as Business Unit or approval roles. To copy a patch vulnerability level, complete the following steps on the Enablement tab:
-
Use one of the following methods to select the Patch severity level that you want to configure or change:
-
If enabled, click the patch severity level from the Steps menu on the left navigation pane of the Patch Express Setup. The example uses High Patches
-
Otherwise, click No to cycle to through the remaining patch severity levels.
Tip
Selecting No to cycle through each patch severity level in the wizard without configuring them enables each selection in the Steps menu for easier navigation between levels.
-
-
Select Copy From, and then select a patch severity level to copy. The example begins with High level patch remediation, so the available levels available to select are as follows:
-
Copy Auto Remediation Level Low
-
Copy Auto Remediation Level Medium
-
Copy Auto Remediation Level Critical
-
-
Select OK to return to the Enablement tab. The remediation level you started with now uses the same settings as the level you copied.
-
To make any changes to the applied settings, click OK, and then select the patch severity level you started with, in this case High Patches.
-
Select Yes to begin cycling through the applied settings.
-
Verify that the applied settings used the correct Remediation, Detection, Patch Pre-staging, Production Deployment and Approvals, and Test Deployment and Approvals.
-
Make any modifications necessary to reflect the needs of your environment for the selected patch severity level.
-
-
Select Complete on the left navigation menu, and then click Finish to save your changes.
-
Repeat this procedure or cycle through the Enablement process to configure other severity level patch deployments.
-
Select Browse to open the Add Schedules dialog.
-
Select a Schedule to add, and then select Add Schedules on the bottom-left corner to return to the Remediation Schedule step. You may add only one schedule to a remediation at a time.
-
Select Next to go to the Detection Integrations step.
Choose whether to use Adaptiva, a partner product, or both to detect vulnerabilities for patches.
-
Select the Adaptiva or Product Partner toggle to enable or disable one or more of the available Detection Integrations. You must enable at least one.
-
Select Next to prestage patch content.
When you pre-stage patches, OneSite Patch downloads the matching severity level patches to all licensed devices prior to deployment. This accelerates rollout time during deployment.
Choose whether to pre-stage patches:
-
Select Yes to to enable patch pre-staging. This takes you to Configure Deployment Notifications.
-
Select No to skip patch pre-staging. This takes you to patch approvals (no deployment notification required).
-
There is no need to click Next from this tab. If you do click Next, it takes you to the Deployment Notifications tab.
Choose whether to notify administrators of the vulnerability level patch installation and select the type of administrators to notify based on Roles.
-
Decide whether to notify administrators about the patch deployment:
-
Select Browse to open the Add Role dialog.
-
Select a Role to add. You may select only one.
-
Select Add Role to save your selection. This takes you directly to the Approval tab.
Choose whether to ask administrators to approve of the patch severity level installation and select the type of administrators to approve of the installation based on Roles.
-
Decide whether to request administrator approval of the patch deployment:
-
Select Yes to choose the Roles to approve of the deployment, and then continue with the next step.
-
Select No to skip approvals. This takes you to Configure Test Deployment.
-
Select deploying to a test group.
on the bottom right corner to skip notifications and approvals and go directly to
-
-
Select Browse to add an administrator role for approvals:
-
Select a Role to add. You may select only one.
-
Select Add Role to save your selection. This takes you back to the Approval tab and displays two additional configuration options: Approval Timeout (required) and Load Leveling (optional).
-
-
Set the number of Days, Hours, or Minutes to wait for approval to occur:
-
A non-zero value means deployment begins after the wait time passes, even if no one has approved.
-
If you use a zero value, the deployment waits indefinitely for approval.
-
-
(Optional) Enable and set a time frame for Load Leveling:
-
Select Yes to enable load leveling for the specified level patch deployments. When enabled, load leveling for the production patch installation occurs across all target devices.
-
Set the number of Days, Hours, or Minutes for load leveling to occur prior to initiating production patch deployment.
If you don't specify a load leveling time, production patch installation deployment to all devices occurs immediately.
-
Select Next to set up deployment to a test environment prior to production
-
Choose whether to deploy the vulnerability patch installation to a test group prior to production deployment (recommended).
-
Decide whether to deploy the patch installation to a test group (recommended):
-
Select Yes to configure test group installation, and then continue with the next step.
-
Select No to skip setting up a test environment and have all vulnerability patch installations deploy to the production environment.
This takes you back to the Enablement tab where you can configure remediation for a different vulnerability level.
-
Select
on the bottom right corner to skip setting up a test environment and go directly to test approvals.
-
-
Select Browse to show the available Business Units.
-
Select the Business Unit to use as the test environment, and then click Add Business Unit on the bottom left corner of the dialog:
-
Patches deployed to a test environment do not use load leveling.
-
If Patch Pre-staging is enabled, the patch is pre-staged to all target machines, and then the machines assigned to the business unit that you specified for the test deployment.
-
-
Choose whether to create preferences or test duration:
-
To create preferences, click + Create Preferences to control maintenance windows, user interaction settings, and reboots for the selected test environment. See Patching Preferences for configuration guidance.
-
To create a test duration (Optional), set the number of Days, Hours, or Minutes to specify how long the test patch deployment process will run before initiating production patch deployment.
-
-
Select Next to set test approval requirements.
Decide whether to ask administrators to approve of deploying the patch installation to a test environment and select the type of administrators to approve based on Roles.
-
Decide whether to request administrator approval of the patch deployment:
-
Select Yes to choose the Roles to approve of the deployment, and then continue with the next step.
-
Select No to skip approvals. This takes you to back to Enablement where you can configure remediation settings for another vulnerability level.
-
Select
on the bottom right corner to go directly to back to Enablement where you can configure remediation settings for another vulnerability level.
-
-
Select Browse to open the Add Role dialog.
-
Select a Role to add, and then click Add Role. to return to the Test Deployment tab.
-
Set the number of Days, Hours, or Minutes to wait for approval to occur:
-
A non-zero value means deployment begins after the wait time passes, even if no one has approved.
-
If you use a zero value, the deployment waits indefinitely for approval.
-
-
Select Next on the bottom right corner of the dialog to return to the Enablement tab:
-
Repeat all steps for the next vulnerability level configure remediation for other vulnerability levels.
-
To skip other vulnerability levels and finish the Express Setup, click Next.
-
Comments
0 comments
Article is closed for comments.