Log in

How can we help?

  1. Atera Support
  2. Atera MSP
  3. Remote Monitoring and Management (RMM)
  4. Remote Monitoring and Management (RMM) - Become an Expert
Help Center
    Was this helpful?
    0 out of 0 found this helpful

    Patch management: best practices

    In this article, we will discuss the best practices when it comes to using Patch Management and IT Automation profiles in Atera and getting a high success rate. 

     

    It is important not to use one IT automation profile for all your monitored agents. First, please ensure to split the profiles based on systems' OS: one profile for Windows workstations, one for Windows Servers and one profile for MACs.

    Next, separate main tasks into separate profiles based on how much weight they put on a system. Also, schedule them to run at one hour or one hour and a half between each other.

    An example of how you can create the profiles:

    1. First profile to Create System Restore Point (this takes a while)
    2. Second Profile to Delete Temp Files then Delete internet history
    3. Third profile to perform the necessary updates

    The best practice when running patches and updates that require a system reboot would be to have a separate IT Automation Profile dedicated only for the system reboot that runs a couple of hours after the first profile execution ended. This is because the IT Automation Profile will trigger all tasks related to it simultaneously and the machine could reboot before actually installing the missing patches. 

     

    NOTE: Do take into account devices that are offline during the profile execution as that could cause unwanted reboots when the profile is triggered (based on "Run on offline agents" setting). We recommend running all profiles outside of business hours and instructing the users to not turn off their machines to ensure a high success rate. 

     

    Low feedback success score

    Sometimes you may get a low success rate after executing an IT Automation profile and checking the Feedback report. 

    Do note that the Patch & Automation Feedback email is always sent one hour after the IT automation was executed. However, if the "Run on offline agents" setting is set for more than 1 hour than more results will keep coming after the email was sent and the report will be different from the e-mail. Therefore, while some tasks may still be running in the backend, the feedback report would show these as failed.

    In this case, try to schedule/check the Feedback report a few hours after the profile was executed.

     

    Run the profile on newly installed agents

    Having multiple profiles with the option "Run the profile on newly installed agents", on the same customer, can create conflicts when the profile runs on a newly installed agent. Make sure to use tasks that do not conflict with each other, in case you have scripts on each profile, make sure that both can run at the same time.

     

    For more details on patch management troubleshooting, please check this article

     

     

     

    Still have a question? Contact us
    Alina Anton

    Related articles