Log in

How can we help?

  1. Atera Support
  2. Atera MSP
  3. Remote Monitoring and Management (RMM)
  4. Remote Monitoring and Management (RMM) - Become an Expert
Help Center

    Patch management: best practices

    In this article, we will discuss the best practices when it comes to using Patch Management and IT Automation profiles in Atera and getting a high success rate. 

     

    Best practices

    It is important not to use one IT automation profile for all your monitored agents. First, please ensure to split the profiles based on systems' OS: one profile for Windows workstations, one for Windows Servers and one profile for MACs.

    Next, separate main tasks into separate profiles based on how much weight they put on a system. Also, schedule them to run for one hour or one hour and a half between each other.

    An example of how you can create the profiles:

    1. First profile to Create System Restore Point (this takes a while)
    2. Second Profile to Delete Temp Files then Delete internet history
    3. Third profile to perform the necessary updates

    The recommended approach for implementing patches and updates that necessitate a system reboot would be to activate the "Reboot if needed" feature. This feature ensures that devices are only restarted if an update specifically requires it. Additionally, you have the flexibility to customize the timing of the reboot through Configuration policies. For more information on this topic, please refer to the Configuration policies article.

     

    NOTE: Do take into account devices that are offline during the profile execution as that could cause unwanted reboots when the profile is triggered (based on "Run on offline agents" setting). We recommend running all profiles outside of business hours and instructing the users to not turn off their machines to ensure a high success rate. 

     

    Low feedback success score

    Sometimes you may get a low success rate after executing an IT Automation profile and checking the Feedback report. 

    Do note that the Patch & Automation Feedback email is always sent one hour after the IT automation was executed. However, if the "Run on offline agents" setting is set for more than 1 hour then more results will keep coming after the email was sent and the report will be different from the e-mail. Therefore, while some tasks may still be running in the backend, the feedback report would show these as failed.

    In this case, try to schedule/check the Feedback report a few hours after the profile was executed.

     

    Run the profile on newly installed agents

    Having multiple profiles with the option "Run the profile on newly installed agents", on the same customer, can create conflicts when the profile runs on a newly installed agent. Make sure to use tasks that do not conflict with each other, in case you have scripts on each profile, make sure that both can run at the same time.

     

    For more details on patch management troubleshooting, please check this article

     

     

     

    Still have a question? Contact us
    Alina Anton

    Related articles