Set up Automated Patch Management With IT Automation

Patch management is a crucial aspect of IT administration. It involves patching security vulnerabilities, eradicating bugs, as well as improving usability and performance by making sure software is up to date. To learn more about how Patch Management works, please see our Patch Management Q & A. Atera's Patch Management gives you total administrative control over all your customers’ patches, from within the platform.

To set up automated Patch Management:

1. From Admin, click on Patch Management and IT Automation.

2. Select Add Profile (bottom, right of the page) to create an IT Automation profile.

3. Enter a name for the profile, and click Apply. The Edit Automation Profile screen appears.

4. Check the boxes of the patches you wish to install and the automations you wish to include.

Categories include:

OS Patch Management (Includes critical, security, service packs, drivers and tools, and Mac OS updates).
OS Excluded Patches (You can exclude certain OS patches).
Software Patch Management (Software patches are installed via Chocolatey for Windows and Homebrew for Mac package managers. Learn more)
Software Excluded Patches (You can exclude certain software patches).
Software Bundle (You can attach a software bundle, for automated installation. Learn more)
Upgrades (upgrades to the latest Windows 10 version).
Disk Management (Defragment or run Checkdisk).
Maintenance (Create a system restore point, delete temp files or internet history, reboot, or shutdown).
Scripts (You can attach scripts, to have them run with the automation profile. Additionally, you can edit variable values (when applicable), enabling you to run the same script with different variables).

To install the patches immediately:

Select Execute Now (top of page).

To choose a weekly and/or monthly automation schedule:

a. After selecting the patches you wish to install, click on Weekly or Monthly (top of page).

b. Then click the icon, and set your desired schedule.

c. Click Apply.

To automatically run the profile upon new agent installation:

Check the checkbox next to Run the profile on newly installed agents

Note: If you wish to schedule the automated Reboot or Shutdown (under Maintenance), we strongly recommend creating separate automation profiles for these, as they may disrupt other selected actions on a profile.

5. You can exclude certain patches. It can be used for excluding problematic patches after trying them out on a demo or test environment for several days. For more information, refer to the section, How Can I Exclude Patches From The Automation Profile

6. Optionally, you can add email addresses (technician's/customer's) to receive detailed reports of patch installation success (or failure), each time, after an automation runs.

7. Select Save to save your newly created automation profile.

Note: Patch automation will run at the local time of the device location.

8. Assign the profile to your customer(s) or a specific Agent. See: Assign an IT Automation Profile to your Customer(s) or an Agent (below).

Assign an IT Automation Profile to your Customer(s) or an Agent

Once you have created an IT Automation profile, you'll need to assign it to your customer(s) or a specific agent.

To assign an IT automation profile to an Agent:

1. Click on an Agent. The Agent screen appears.

2. Under Profiles > IT Automation profile, click Manage. The Select IT Automation Profile dialog box appears.

patch_6.5.jpg

3. Select the IT automation profile from the Attach new Profile drop down menu, and click Apply. The automation profile is now assigned to the Agent.

To assign an IT automation profile to your customer(s) or multiple agents:

1. Click on Devices. The devices page appears.

2. Check the box(s) to select all your agents, or specific agents.

3. Click on the (Assign IT Automation Profile) icon above.