What are the new features in Patch Management Solution 7
Last Updated March 10, 2009
Question What new features have been added to Patch Management Solution 7?
New Features in Patch Management Solution 7
The following are new features of this release:
By default, Software Update agents will respect Maintenance Windows if one is configured and applies to the agent computer. This is controlled by the ‘Override Maintenance Window’ setting on the Agent Configuration Policy. If this setting is not enabled, and a Maintenance Window applies to the agent computer, it will only install updates and trigger required reboots when that Window is Open. If the Window is not Open, the installations and reboots are deferred until the Window next opens. If the setting is enabled, the agent will ignore Maintenance Windows and use the installation and reboot options defined in the configuration policy. Software Update policies set to run ASAP or at a Custom time can be set to override Maintenance Windows.
Reporting Changes in 7.0
The number of reports and reporting infrastructure has improved with Notification Server 7.0, resulting in fewer reports and an improved dashboard user interface. Patch Management Solution 7.0 for Windows includes the followingdefault reports:
Microsoft Compliance by Bulletin
Microsoft Compliance by Computer
Microsoft Compliance by Update
Microsoft Compliance Summary
Microsoft Vulnerability Analysis Summary
Software Bulletin Details
Windows Software Update Agent Rollout Status
Software Update Delivery Summary
All other existing reports, including custom reports, will not be included or upgraded to 7.0.
Retired managed computers no longer consume a license nor do they appear in vulnerability reports
Managed computers with a “Retired” status will release their license, freeing it up for new computers coming online.These computers will also no longer appear in the Compliance and vulnerability reports.
Notification Server 7.0 hierarchy and organizational view features are supported
Notification Server 7.0 has new hierarchy features that let you manage a group of Notification Servers by simply configuring a parent that passes all configuration settings and resources to child Notification Servers. This functionality is supported in Patch Management Solution for Windows through two separate replication rules: one to allow the replication of Patch Management Import data based on the managed languages of the child Notification Server and one to allow the selection of Software Update policies to replicate to the child. Summary compliance information is also sent up the hierarchy daily and can be viewed in the Microsoft Compliance Summary report.
Distribute software updates across multiple time zones
You can now simultaneously distribute software updates to managed computers across multiple time zones, at a time specified on a single Notification Server. Previously, software updates were installed according to the time on managed computers’ clocks. The new user interface control is found in the Software Update Policy Wizard scheduling options, with the choice to distribute packages at server time, client time, or UTC time.
Offline Microsoft Patch Management Import files are now supported
Notification Servers without Internet access can now download Microsoft Patch Management Import files from a local caching server. Taking advantage of new Notification Server 7.0 hierarchy features, enabling software bulletins on a child Notification Server (without Internet access) will download the relevant files from a parent Notification Server, where the files are cached.
Disable superseded software updates
The field, Disable all Advertisements for Superseded Software Updates, on the Microsoft Patch Management Import task lets you disable any Software Update policies with superseded software updates. You can also control this function and set a schedule for it in the Disable Superseded Software Update Advertisements server task. After PMImport has run, any Software Update policies with superseded software updates are disabled and the administrator isnotified by the Disabled Advertisements Notification Server policy (which must be enabled). An obsolete Software Update policy is disabled only if you created a new one from the superseding software update.
Inventory rules only run against applicable inventory and have increased performance
To reduce bandwidth use, inventory rules that run on managed computers only run against applicable inventory items. For example, if a managed computer has Windows XP SP2 installed, the Software Update Agent will run inventory against and report on items only applicable to Windows XP SP2. The inventory rules are now contained in an SQLite database increasing the speed of the inventory process of reading of the xml file used previously.
New task 'Check Software Update Package Integrity'
This is a Task server task and has 3 functions it can perform; Delete physical packages for discovered orphaned software packages, Delete physical files for packages with no associated advertisements and Relocate existing packages if default software update package location has changed
Notification can be sent when new Bulletins are available
Administrators can configure the Microsoft Patch Management Import task to send a customized message to specified recipients at the completion of Microsoft Patch Management Import downloads.
Quicker distribution of software updates
Behind-the-scenes modifications have increased the distribution time of updates being rolled out to computers. Resource targeting has been modified to be more efficient, it is only looking at the applicable dataclass now. The inventory rule process has been streamlined.
NOTE: This information was taken from the release notes and modified slightly to remove entries that were not new features and clarify the information.
Imported Document ID: HOWTO9858
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe