Patch Management Testing
We have a test group setup that tests new patches that were released to see how they will affect our programs. Is it possible to set something up that after a week of testing, the patches will go out to the rest of our environment?
0 Comments
[ + ] Show comments
Answers (3)
Please log in to answer
Posted by:
Nico_K
6 years ago
create different schedules with different labels, so that after the test group has been updated a week later the rest of the env is patched.
Comments:
-
We actually do have that all done but how do we tell Kace not to send the patches out to the rest of the labels without having to do it manually? - abratton 6 years ago
Posted by:
PaulGibson
6 years ago
I've got a Detect scheduled to run on all the computers, and two Smart Labels setup for patching, something like this:
For the early deploy, my Smart Label is
Status is Active
Type is not Software Installer
Missing is True
Released is not within last 2 days
For the main deploy, my Smart Label is
Status is Active
Type is not Software Installer
Missing is True
Released is not within last 4 days
You could use the second one and change it to a longer period, say 9 days. If a patch doesn't cause problems, it'll be automatically pushed out to all the computers. If a patch does cause problems, you've got a few days to logon to disable it.
Posted by:
Hobbsy
6 years ago
If you have created a label that contains the patches that you are testing, all you need to do is create a fresh label but add in the criteria "But not if released within the last 7 days" and use that label to distribute the patches to your environment.
That way you are guaranteed only the patches you tested are the patches you send to the rest of the business
