We support browsers, not dinosaurs. Please update your browser if you want to see the content of this webpage correctly.

Patch Management in CloudCare

Add an essential part of a powerful endpoint security strategy to your CloudCare platform – easy software patching.

Patch Management is an integral layer of security to keep your customers’ applications safe

Stay ahead of the latest threats
Keep Windows operating systems and other third-party applications automatically up-to-date to prevent possible security gaps.
Maintain compliance
Identify and patch outdated or failed-to-install software to ensure company and regulatory compliance, and prevent security breaches.
Centralize and simplify management
Manage patches from one centralized page. Scan your customers’ devices, set schedules, and deploy approved patches at desired times.

What exactly is
Patch Management?

Patches are released to fix vulnerabilities or security gaps in Windows operating systems and other application software. If patches are not applied in a timely manner, networks can be severely compromised.

While most businesses are aware of the importance of patching, many don’t do it because there are too many patches, patching often interrupts operations, and and it can conflict with certain systems.

Patch Management solves these issues by making it easy to identify and deploy critical patches, and monitor ongoing activity from a central cloud management dashboard.

How does patching work?

Scan all devices for missing patches
Select the frequency of the patch scan, either daily, weekly, or monthly, and schedule at the precise time when you would like the scan to take place.
Deploy patches
All vendors, software applications, and severities patched automatically or manually by approvals, but you can also easily exclude any application that you don’t want patched.
Review patch status
From the dashboard, you can view missing patches, patch names and severity levels, along with release notes, release dates, and more.

Features

Flexible deployment schedules
Schedule and deploy approved patches at desired times or manually deploy to groups or individual devices.
Master agent capabilities
Download all missing patches to a master agent that seamlessly distributes patches to all managed devices in the network.
Intuitive dashboard
Manage all software patches and view graphical summaries of installed, missing, or failed patches from any device.
Patch scan results
View detailed results from a single platform that includes information on missing patches, severity levels, knowledge base links, release dates, descriptions, and more.
Customizable patches
Choose software vendors, products, and the severity of patches to scan and install. Easily create exclusions for applications.
Automatic scans
Schedule patch scans to run automatically every 24 hours and set approved patches to deploy automatically. These default settings can be customized at any time.
Thousands of patches
Deploy patches for Windows operating systems and thousands of other third-party software applications, for comprehensive protection.
Roll back and ignore
Simply roll back patches from individual devices if they are unstable, or ignore them so they don’t show up in patch results or get redeployed.

Easily check the status of your patches

CloudCare

Get Patch in the CloudCare platform

Patch Management and any of the Avast Business antivirus products are deployed through the CloudCare layered security platform. Easily manage and monitor your clients’ endpoint and network security from a single, cloud-based platform for seamless protection across all devices.

Everything you need to know to use your Patch Management like a pro

Yes, it is highly recommended that you change Windows Update settings for your devices via the Windows Update Center and/or Group Policy so Patch Management can provide updates.

  • The Windows Update service must not be disabled; rather, it should be set to either Manual or Automatic to successfully deploy patches. In addition, the Windows Update setting on each target machine (Control Panel > System and Security > Windows Update > Change settings) should be set to Never check for updates.

Deployment of patches will run under the remote machine's Local System account so make sure this is allowed.

You can set up your patch schedule in Policies > Patch Management > Patch Deployment. All devices under the Patch Management policy will follow the schedule you set.

Patches page provides detailed information on the severity of missing, approved, failed, ignored, and installed patches with vendors, and software applications.

You will be able to see how many devices are licensed for patch under the ‘Devices’ section in a customer account.

1. The patch is currently being installed on those devices and will sync back with the console after the patch has been successfully installed.

2. The patch could have failed to install and will be scheduled for a reinstall based on your patch deployment schedule.

3. The device is offline.

You can modify the patch auto-approval rules for vendors, applications, and severity by going to Policies > Patch Management > Auto-Approval rules tab.

Yes, you can manually deploy patches to individual devices and groups of devices in one step by selecting patches under Patches, then Approve for Deployment.

Missing: Patch is missing from device(s)

Approved: Patch is approved to be deployed to device(s)

Deployed: Patch successfully deployed to device(s)

Failed: Failed to deploy patch/es to device(s)

Ignored: Patch has been ignored and will not be deployed

It could take anywhere from a few seconds to several hours. The time depends on the size of the patch that is being downloaded to the device, the software application it is updating, and the hardware of the device.

Yes, the device you have selected as the Update Agent will be used to store the software application patches and will distribute them to devices on the network to save bandwidth. If you do not have an Update Agent selected, devices will download the software application patch directly from the internet (not recommended).