Patch Management

Modified on Wed, Aug 6 at 3:10 PM

You can find this module at the Company level only,

Patch Management is where you will find any of the missing patches supported to be installed directly by the ConnectSecure agent.

Patch Management is compatible with both Probe and Lightweight agents.
When using the Probe agent, patch applications are first downloaded by the Probe and then copied to the remote asset for installation—ideal for patching devices without a Lightweight agent.
In contrast, systems running the Lightweight agent will handle patching locally, downloading and applying packages directly to the device.

Consider adding ‘connectsecurepatch.exe’ if you intend to use the Patch Management feature included with the ConnectSecure agent.

Our patch agent retrieves the necessary packages from the official website, so the remote asset we patch must have access to download these packages.

Furthermore, the patch agent initiates OS patching by triggering the Windows Update Manager to apply the relevant security updates listed in the portal. We can also control whether the system can be rebooted after successful patching for OS patches only.

Check out the Patch Management Guidefor complete details.

Visit our YouTube Channel for more video content: https://www.youtube.com/@connectsecure

Table of Contents
Patch Management - Details
Patch Job Failures
Date Filter
Patch Management - Toolbar Options
- Alerts
- Info
- Help Link
- Layout Settings
Get Support

Patch Management - Details

Access the Patch Management from the Assets category.

Application Patching

To view the list of software that needs to be patched, please check the table and review the details provided.

Field	Description
Software Name	Displays the name of the software that requires patching
Software Version	Displays the version number of the software
Fix Version	Displays a hyperlink to the recommended fix
Affected OS	Displays the affected operating system name
Assets	Displays a hyperlink to the count of assets affected
Action	The three-dot action menu provides a manual ‘Patch’ button

Manual Application Patching

Tap the three-dot Action menu to apply an available application patch, then choose Patch Now or Patch Later.

Patch Later option lets you set a later date and time to patch

Otherwise, Patch Now will run the selected patch and asset(s) immediately.

3rd Party - Application Patching does not reboot machines; there is no option to do this.

Automatic Application Patching

See the Patch Scheduler found at the Company or Global level.

OS Patching

To view the list of OS patches that need to be installed, please check the table and review the details provided.

Manual OS Patching

Tap on the OS Patching tab, then use the three-dot Action menu to select Patch on any available records.

You will be prompted to select the patch installation's machine(s) and reboot settings.

ConnectSecure is passing the flag for reboot to the Microsoft Update Manager, so Microsoft will show prompts for the force to reboot.

Automatic OS Patching

See the Patch Scheduler found at the Company or Global level.

Patch Jobs

For Agent Offline assets, the job will be picked up once the agent comes online within 24 hours.
Agent will monitor the agent status for 24 hours, if agent comes online it will pick up the patch job.
This behavior will be seen for manual and scheduled patching jobs.
If the agent is still offline after 24 hours, the job will state as failed.

We have added additional information when a patch is failing. We now display the download URL and Request Time in the error log when the patch fails because of download restriction. This will help you troubleshoot the reason for the patch failure and also open/whitelist any URLs required.

We have a local patch log file on the remote agent machine located here:

C:\Program Files (x86)\CyberCNSAgent\logs\cyberpatch.log

View the patch job details and sort on the columns.

Tap the Created or Updated date fields to view additional patch job details, including the Asset Name, Status, From Version, and to version values.

When a Patch Job is pending, selecting the three-dot action menu reveals the option to terminate the job.

Patch Job Failures

If you see "FAILED" under the Job Status for patching, click on the Created date and time column to view more details that can assist with resolution.

Date Filter

Allows users to filter table data by selecting a specific date. The table will update to display entries that match the selected timeframe.

Patch Management - Toolbar Options

Alerts

View our timeline style of System Events captured for each company. You can set an optional date filter range to target a specific date range of events.

Info

Tap here to view your V4 Getting Started Info.

https://cybercns.atlassian.net/wiki/x/MIDKfw

Help Link

Click to access the related documentation page; this link is functional on all screens and will take you to the appropriate documentation page.

Layout Settings

Here, you can change the UI look and feel using various options, including the Theme for color, the Scheme for dark and light mode, the Layout for toolbar and module positions, and the toggle to set the table view default.

I prefer the Teal color, Light mode, and Classic layout with an asset table view.