Patch Management 6.x: How do I know which computers require which updates(Best Practices)?

Article:HOWTO9500  |  Created: 2008-11-04  |  Updated: 2011-08-15  |  Article URL http://www.symantec.com/docs/HOWTO9500
Article Type
How To



Question
How do I know what updates need to be rolled?

What are the best Patch Management Reports to run?

Answer
 

Compliance reports:

These reports are the cornerstone for discovering what computers are vulnerable within the environment and which bulletins need to be distributed.  Here you will see the following list of reports:

Go to the Console and go to Reports > Software Management > Patch Management > Compliance and Vulnerability

  • Compliance and Vulnerability by Bulletin: Shows a list of Bulletins and details for vulnerability. Right-click the bulletin to view vulnerable computers or other details in the dropdown.
  • Compliance and Vulnerability by Computer: Shows a list of Computers and details for vulnerability. Right-click the computer to view vulnerable bulletins or other details in the dropdown.
  • Compliance and Vulnerability by Update: Shows a list of multiple Updates within the bulletin and details for vulnerability. Right-click the bulletin to view vulnerable computers or other details in the drop-down.
  • Note: It is not recommended to run the Details reports, for they return a large amount of data from the database and that can cause issues with the report appearing inaccurate, or the report may time out / exceed the row count allotted (See below for the Set Rowcount issue).

Best practices for running reports:

·         Configure the reports to include/exclude:

o    Certain years of released updates

o    Specific collections of computers to be reported on

o    Specific Operating Systems

o    Severity / Customer Severity

o    Distribution Status

§  Active – Updates that have been staged

§  All – Updates listed in the Manage Software Updates Page

 

Note: Report results may appear inconsistent inconsistent the same parameters are not supplied in each, or the data being evaluated is based on different information.  Pay close attention to the parameters being used and what data the report is showing.

Additional Information:

Superseded Updates: Go to the Console 6.0 > Reports Tab > Software Management > Patch Management > Software Bulletins, and run the Superseded Bulletin Summary Report. Ensure the drop down for Superseded Status is displaying 'Superseded' and refresh. This displays the Bulletin name that was superseded and which bulletin(s) it was superseded by.

Saving options: The reports for Patch, like any reports from NS, can be saved to a spreadsheet or other .txt doc. This is done by selecting the Blue Clipboard in the top tool tray, and then pasting the results in the new media. Unfortunately, the tools in the report are the limits to transferring the data. For example, the report cannot be saved in HTML format from the Altiris Options provided.

More report detail: A detailed view of these reports can be seen in article

44276.

Set rowcount: The SQL Scripts for these reports can be updated in article
34527. Reports may still show 'inaccurate' due to portions of the Stored Procedure hitting the 50,000 Max Rowcount limit set by the Notification Server reporting. This can be worked around by narrowing down the fields on the report to a specific collection or by lowering the date ranges for the report to pull back less data.  The "Compliance and Vulnerability Reports - Details" are not recommended to be run. They have useful information on them; however, due to the amount of data they retrieve from multiple tables, there are known issues with these reports timing out. For a single line report to resolve this issue, go to KB 44351, which allows for replacement reports that have a right click/drill down option on a single line basis for viewing the 'details' of that resource/update.

Custom Reports: Support does not assist with creating Custom Reports; however, support is willing to assist with the tables needed to show the desired data. Also view KB 46275.

Compliance and Vulnerability 'Details' reports:


Legacy ID



44283


Article URL http://www.symantec.com/docs/HOWTO9500


Terms of use for this information are found in Legal Notices