Client Management Suite

 View Only

  • 1.  Patch Filter Update Interval

    Posted Jun 16, 2011 03:17 PM

    Can someone explain exactly what this mechanism does.  I am having a hard time conceptually seeing how this fits in with all the other patch policies



  • 2.  RE: Patch Filter Update Interval
    Best Answer

    Posted Jun 16, 2011 03:57 PM

    Does this explain it?

    http://www.symantec.com/business/support/index?page=content&id=HOWTO30278

    It processes vulnerability analysis results from the clients, then any changes to patch policies are applied to computers.

    For example, suppose a computer was fully patched, then you uninstalled a security update and ran a Vulnerability Analysis.  If the patch filter update interval has not run, you would not be targeted to receive the security update.  You could update the agent config all you want, but it won't know that it's part of that policy's target.

    Another example: you approve new patches released by Microsoft on June 14th and covered by your PMImport.  If you stage the bulletins and then create a policy which includes them, but the interval has not caused a Microsoft patch filter update, vulnerable systems will not be targeted.

    You can manually kick off the task by running the NS.<Vendor> scheduled task on the NS, e.g. NS.Adobe, NS.Microsoft, etc.

    Does this make sense?



  • 3.  RE: Patch Filter Update Interval

    Posted Jun 16, 2011 04:57 PM

    Thank you.  Are there any best practices for this in a large environment.  The default of 30 mins seems a bit frequent



  • 4.  RE: Patch Filter Update Interval

    Posted Jun 16, 2011 05:46 PM

    I believe 4 hours is what's recommended for larger environments.  And 4 hours should meet most business needs for responsiveness.