Patch Management Guide
When using the ConnectSecure Patch engine to update the application, we thoroughly verify before deploying any patches or updates. This includes checking the file hashes to ensure the integrity and authenticity of the downloaded files and checksum validations.
Table of Contents
- 1 Table of Contents
- 2 Patch Management Scope
- 3 Patch Management Requirements
- 4 ConnectSecure Patch Release Schedule and Patch Tuesday Alignment
- 5 Patch Deployment Methods
- 6 Patch Dashboard and Reporting
- 6.1 Dashboard
- 6.1.1 Company Patch Management
- 6.1.2 Global Patch Management
- 6.2 Standard Reports
- 6.1 Dashboard
- 7 Need Support?
Patch Management Scope
ConnectSecure divides patching into two types.
Application - any installed application not part of the operating system that is included in the supported application list found here: Application Patching List
OS - any released operating system patch by Microsoft; OS patching is now limited to Windows.
Windows Supported Versions
Desktop | Server |
|---|---|
Windows 10/11 | Windows 2012/16/19/22 |
Patch List Updates
In the Portal, you can click the bell icon to see newly added applications as well as any applications that have been removed from the Application Patching List.
Click Agree to acknowledge the changes. When a user accepts the update, Portal Admins can view that acknowledgment in the Audit Logs.
Patch Management Requirements
For a full listing of the dependency, check the Agent Configurations
ConnectSecure uses the Microsoft WinGet as a fallback mechanism for patching. Please consider whitelisting the following executable and URL if you plan to use patching.
Application Patching:
Target the WinGet executable which is ‘winget.exe'
OS Patching:
https://catalog.s.download.windowsupdate.comhttps://catalog.sf.dl.delivery.mp.microsoft.com
ConnectSecure Patch Release Schedule and Patch Tuesday Alignment
ConnectSecure aligns with Microsoft’s monthly Patch Tuesday cycle. After Microsoft publishes their monthly updates, we ingest and map those patches into the platform.
Microsoft’s update-priority model does not change this process. We continue to align with Microsoft’s official patch releases to ensure updates are delivered in a timely and consistent manner.
After Microsoft releases updates each month, the patches are reviewed and then published within ConnectSecure. They are also manually reviewed and tested before being made available for deployment, ensuring stability before release.
Patch Deployment Methods
Application and/or OS patching can be done manually or automated through the Scan Scheduler.
Manual Patching
You must be at the Company level to initiate manual patching.
Select the applicable asset(s), then choose the Patch button; otherwise, click Cancel not to patch.
Tap on the Patch Jobs section to view details about the company patch jobs.
Tap the Created date/time stamp to view additional patch job details.
Automatic Patching
You can use the Company Scheduler or Global Scheduler to build an automatic patch schedule based on your requirements.
We recommend starting at the Global Scheduler first, then working down to the Company Scheduler options to build any company-specific policies.
Patch Dashboard and Reporting
Dashboard
Company Patch Management
Navigate to the company-level Patch Management dashboard to see Patch Details, Automatic Patching, Manual Patching, and Patch Status views.
You can also view the Pending OS Patches dashboard for the pending summary and detailed data.
Global Patch Management
Use the ‘Patch Management by Company’ or ‘Pending OS Patches’ dashboards at the global level.
Standard Reports
Navigate to the Standard Reports module under any company and search for ‘patch’ to see the available reports relating to patching.
The global level has the Patch Job Details Excel.
Need Support?
If you need assistance, our support team is here to help. You can create, view, and manage support tickets through our portal at any time.
Support Portal: https://connectsecure.freshdesk.com
Email: support@connectsecure.com