Experience the next generation of patch management, eliminating the wastage of valuable hours in every cycle. By incorporating Atera's automation capabilities, you can now establish tailored schedules for each endpoint, ensuring adherence to cybersecurity best practices for hardware, software, and operating systems. Gain comprehensive control over your busy IT environment with ease.
Frequently asked questions
This section will address the most frequently asked questions concerning our Patch Management and IT Automation modules.
Patch management
Q: What is patch management?
A: Patch management refers to the process of acquiring and deploying updates, or patches, to software applications, operating systems, and other system components. These patches are typically released by software vendors to address security vulnerabilities, fix bugs, and improve overall performance.
Q: Does Atera provide a patch management module?
A: Yes, Atera offers a comprehensive patch management module designed to facilitate the installation of patches on Windows, Mac, and Linux devices. For more information, see Atera's patch management
Q: How much does the patch management module cost within Atera?
A: The patch management module is seamlessly integrated into your Atera subscription at no additional cost.
Q: How can I install a patch using Atera?
A: Atera provides multiple options for installing patches on your devices. You have the flexibility to manually install patches on your devices or automate the process to conveniently install patches at your preferred time.
Q: How can a patch be installed manually?
A: To manually install a patch, you can utilize either the Live Manage: Patch management module or the Patch Search and Deploy classic report. For detailed instructions on manual patch installation, see:
- Patch management: Windows and Mac
- Package manager: Linux
- Live manage: Patch management
- Operational reports: Patch Search & Deploy
Q: If I install a patch manually and it requires a reboot, will the devices restart automatically?
A: No, when you install a patch manually and a reboot is required, the devices will not restart automatically. The patch installation will be queued, and once the device is rebooted or shut down, the installation will resume once the device is back online.
Q: How can a patch be installed automatically?
A: Atera offers automation profiles that allow you to install patches automatically at a time that is convenient for you and your end users. By scheduling the automation profile, available patches on your devices will be installed automatically.
Q: Do automation profiles reboot a device if a patch requires it?
A: By default, profiles do not reboot a device if a patch requires it. However, within the automation profile, there is an option called "Reboot if needed." Enabling this option will initiate a device reboot if a patch installation requires it.
Q: When does the "Reboot if needed" option come into effect during the installation of multiple patches?
A: When multiple patches are being installed using the automation profile, the process follows a sequential order. First, all patches are installed. Subsequently, the automation profile checks if any of the installed patches require a reboot. If such patches are detected, the "Reboot if needed" option is initiated, facilitating the reboot of the devices.
Q: Can the restart triggered by the "Reboot if needed" option be postponed?
A: Yes, it is possible to postpone the restart caused by the "Reboot if needed" option. Atera provides configuration policies that allow you to customize the reboot behavior. You can choose to postpone the restart until after working hours, specify a time period before the restart occurs, or even grant end users control over the reboot process. For detailed instructions on how to configure these options using configuration policies, see:
Q: How can I configure patch management using automation profiles?
A: Configuring Patch Management with automation profiles is a straightforward process. To learn how to set up Patch Management using automation profiles and schedule the profiles, see:
Q: What are the recommended best practices for setting up patch management via automation profiles?
A: To ensure optimal results, we recommend following the best practices outlined in Patch management: best practices
Q: Can patches be excluded from automatic installation via automation profiles?
A: Absolutely! You have the flexibility to exclude specific patches from automatic installation. Additionally, you can choose to approve or postpone the installation of patches using automation profiles, granting you greater control over the automatic patching process. This level of customization ensures that you have full control over which patches are installed automatically. For more information on how to exclude patches and customize the automatic installation, see Patch Approval
Q: Is it possible to integrate the Atera Patch management module with a custom repository for updates?
A: No, currently, the Atera Patch management module does not support integration with private repositories. The module is designed to manage and distribute patches from the Windows Update Agent (WUA) API.
Q: What is the Windows Update Agent (WUA) API?
A: The Windows Update Agent (WUA) API is a programming interface used by Atera to establish a connection with Windows Update. It allows Atera to interact with Windows Update services and retrieve information about available updates for Windows systems. The WUA API enables efficient detection and management of updates, ensuring that systems are kept up to date with the latest patches and improvements. For comprehensive information on the Windows Update Agent (WUA) API and its functionality, see Patch Management Q&A - How It Works?
Q: Do Linux and Mac devices also use the Windows Update Agent (WUA) API?
A: No, Linux and Mac devices do not utilize the Windows Update Agent (WUA) API. Each operating system has its own update mechanisms. Linux devices use APT (Advanced Package Tool) to manage updates, while Mac devices rely on the native Mac OS software update tool for patch installation and management. For detailed information on the specific update processes for Linux and Mac devices, see Patch Management Q&A
Q: How does Atera handle End-User License Agreements (EULA)?
A: Atera handles End-User License Agreements (EULA) by automatically accepting them as required. This ensures a seamless and efficient process for users when encountering EULAs during software installations or updates.
IT automation
Q: What is an automation profile?
A: Automation profiles grant you access to a wide range of essential support tasks. These include patching, software bundle installation, Windows version upgrades, disk management, maintenance, and automated scripting.
Q: What is the cost of the automation module?
A: The module is included in all Atera subscriptions at no additional cost. You can enjoy the benefits without incurring any extra charges.
Q: How do I utilize an automation profile?
A: To make use of an automation profile, you need to assign it to a specific device, folder, or customer within the Atera platform. Once the profile has been assigned, it will initiate the scheduled automation tasks according to the configured settings. This allows you to automate various processes and streamline your IT operations efficiently. For more information, see:
- Assign automation profiles to sites, folders, or agents
- Assign automation profiles to customers, folders, or agents
Q: What is the distinction between assigning an automation profile to a customer, folder, or device?
A: Assigning an automation profile to a Customer will ensure that all agents associated with that customer, including newly installed agents, receive the profile automatically. When assigning the profile to a Folder, all agents within that folder, including newly installed agents, will receive the profile automatically. On the other hand, assigning the profile to a specific device will add the profile to that particular device only. This flexibility in assignment options allows you to customize the profiles based on your specific requirements, providing greater control and granularity over the automation process.
Q: Is there a limit to the number of profiles that a device can have?
A: No, there is no limit to the number of profiles that can be assigned to a device. You can assign multiple profiles to a device based on your specific automation needs, allowing for greater flexibility and customization in managing and automating tasks.
Q: What tasks can be automated using automation profiles?
A: Automation profiles offer a wide range of tasks that can be automated. Some of the key actions include:
- Automated Patch Management for Windows, Mac, and Linux devices
- Automated Patch Management for Software Applications
- Software bundle installation
- Automated Upgrades for Windows 10 and Windows 11
- Disk Management - Defragment (all disks), Run check disk (all disks).
- Automated maintenance options - Create System Restore Point, Delete Temp Files, Delete Internet History, Reboot, Shutdown.
- Automatic script execution
These automation capabilities empower you to streamline and simplify various IT tasks, enhancing productivity and efficiency within your environment.
Q: Can I create custom tasks for automation profiles?
A: While there is no built-in method to create custom tasks, the Scripts tasks within automation profiles offer a wide range of possibilities. With the Scripts task, you can execute custom scripts or commands, allowing for extensive flexibility and customization in automating specific tasks. This feature provides you with a powerful tool to tailor the automation process to your specific needs.
Q: What is the sequence in which the automation tasks run within an automation profile?
A: The tasks within an automation profile run in a random order, and there is no specific way to define the order in which they execute. To ensure a desired sequence of actions, it is recommended to create separate automation profiles for each specific task or category. For more information, see Patch management: best practices
Q: How should automation profiles be organized?
A: It is advisable to organize automation profiles based on the operating system and specific categories. For instance, create separate profiles for Windows, Mac, and Linux devices. Within each operating system category, further divide the profiles based on specific tasks such as Windows, Mac, and Linux Updates, Software Updates, Maintenance, and more. This organization helps maintain clarity and allows for efficient management of automation tasks within your environment.
Additionally, it is important to consider timezone differences when setting up automation profiles. Take into account the specific time zones of the devices or locations where the automation tasks will be executed. Aligning the schedule of the profiles with the appropriate time zones ensures that the automation runs effectively and at the desired times for each location. For more information, see Patch management: best practices
Q: When scheduling an automation profile, what time zone does the profile run on?
A: By default, automation profiles run based on the time zone specified in the Admin > Settings > General section of the Atera platform. However, you can select to run profiles based on the local device time. For more information, see Automate patch management via automation profiles
Q: What occurs if a device is offline while an automation profile is running?
A: You can configure automation profiles to retain actions in the device's queue for up to one month. This can be done for all profiles, or on a per-profile basis. For more information, see:
Q: Is there a report available that shows the actions performed by an automation profile?
A: The Patch and automation feedback report offers comprehensive details about the actions performed by an automation profile. From successful actions to errors and failures. This report provides valuable insights into the execution of the profile, allowing you to review and analyze the tasks completed. For more information see Operational reports: Patch and automation feedback
Q: Is there an article available that provides an explanation of the errors displayed in the Patch and automation feedback report?
A: Yes, there is! Please see Understanding the Patch and automation feedback report
Q: How can I prevent a profile from running?
A: There are a few options to prevent a profile from running:
- Remove the schedule: By removing the schedule of the profile, you can prevent it from running at the specified time or recurrence.
- Disable the profile: Disabling the profile will make the profile unusable. This can be done by navigating to the profile and selecting the Disable option. This allows you to easily enable it again when needed.
- Delete the profile: If you no longer require the profile, you can choose to delete it. However, please note that once deleted, the profile cannot be restored, so exercise caution before deleting.
These options provide you with the flexibility to control the execution of profiles and prevent them from running as needed.
Q: Can an ongoing automation profile be halted once it has commenced?
A: No, once an automation profile has started running, there is no way to stop it.
Q: Why do I observe a discrepancy between the patches listed in Atera and the patches displayed locally on the Windows device within Windows Updates?
A: The discrepancy arises because Atera utilizes the Windows Update Agent (WUA) API to interact with Windows Update and identify available updates. As Atera relies on the WUA API, the patches listed in Atera may differ from the ones displayed locally within the Windows Update on the device. Despite the differences, Atera's Patch Management module ensures comprehensive coverage and effective management of updates for Windows devices.
Q: Does Atera manage updates performed through the Windows Update Agent (WUA) API?
A: No, updates facilitated through the Windows Update Agent (WUA) API are managed and released by Microsoft. Atera does not have control over the release or management of updates through this channel.
Q: Does Microsoft make all updates accessible via the Windows Update Agent (WUA) API?
A: Indeed, all patches are accessible through the API, with the possibility of some updates becoming available later than their standard release date.
Q: Is it possible for one machine to download all the Windows updates, and other computers can then point to that machine to download those updates?
A: No, this configuration is not supported within the Atera Patch Management module. Each device is responsible for downloading and installing updates that are specifically available to it. The Patch Management module operates on a per-device basis, ensuring that updates are applied directly to each individual device. However, you have the option to set up a "WSUS" (Windows Server Update Services) outside of Atera. By configuring a WSUS server, you can centrally manage and distribute Windows updates to other computers within the network. The WSUS server acts as a repository for the updates, and other computers can be configured to point to the WSUS server to download and install the updates. This setup helps in conserving bandwidth and streamlining the update process across multiple machines. Please keep in mind that Atera support does not offer assistance for troubleshooting or setting up WSUS servers.
Q: Why do I encounter patches with a size of hundreds of GB?
A: Typically, updates of this size are cumulative updates for Windows. Atera retrieves these updates via the WUA API, and their size appears significant because they include support for all available Windows languages. However, it's important to note that Atera installs only the required languages, resulting in a considerably smaller actual update size.