Patch management is the process that helps acquire, test and install multiple patches (code changes) on existing applications and software tools on a computer, enabling systems to stay updated on existing patches and determining which patches are the appropriate ones. Managing patches thus becomes easy and simple.
Patch Management is mostly done by software companies as part of their internal efforts to fix problems with the different versions of software programs and also to help analyze existing software programs and detect any potential lack of security features or other upgrades.
Software patches help fix those problems that exist and are noticed only after the software's initial release. Patches mostly concern security while there are some patches that concern the specific functionality of programs as well.
The way patches are delivered and applied has undergone a drastic change over the course of years. Earlier, during the days of the traditional fee-licensing software delivery, patches were delivered on external media as stand-alone code modules which would then be added to an already installed software program. But today, in the age of web-delivered systems and cloud-hosting models, it's all different. Patches today can be applied to software programs over the global IP network; they no longer have to be sent on external media. This is the age of automatic addition of software patches and upgrades.
A patch management software would scan systems and find out if further patches are needed, thereby helping companies ensure if the software programs they are using have all that's needed for full-fledged functioning.
In general, IT administrators know which security issues and software updates are relevant to their environment. To support you, Comodo's industry-leading Patch Management Operation Team monitors sources of intelligence from:
Comodo ONE performs automatic discovery of Windows systems (using Active Directory) and Linux systems to deliver intelligence that gives you a real-time view of your network:
In-built categorization allows you to prioritize your patch deployments based on details like severity, vendor or type.
Critical patches and security patches can be automated and scheduled to run daily right out-of-the-box whereas, all other patches could be scheduled for the regular periodic maintenance window.
Patches can be deployed out-of-the-box or a workflow can be applied to validate them before auto installation. You can run tests on desired systems first in order to approve either single or bulk patches. Once satisfied you can mark them as approved or unapproved.
Your automation policies can deploy all patches matching the criteria you defined or only the approved patches matching the criteria you defined per policy.
Although Comodo does extensive and deep testing, we also empower our users to perform their own tests.
Comodo ONE™ Platform enables you to track all changes done through your endpoint patch policies and the latest status of your network. Administrators can generate reports to track the applied patches as well as the missing patches and check the patch procedure details to see the successful operations as well as any failed deployment attempts.
The patches are deployed based on the delta between endpoint and latest patch intelligence gathered. When configured on-demand or by policy, the agent applies the relevant updates and patches to create an efficient and fast process. The status of deployment is then updated in real-time in Comodo ONE.
The installation process can be scheduled or triggered on-demand based on existing procedure or selected patches and devices such as:
Every single application can be tracked and patched over your network in real-time and it provides:
Comodo ONE Platform enables you to stay compliant on your entire network