Create a Patch Management policy

Refer to Permissions.

Account → Policies

Sites → select a site → Policies

Not sure how to set this up? You can schedule a free half-hour product knowledge session with one of our product experts even before things go horribly wrong. You'll be glad you did!

What is a patch management policy?

With a patch management policy, you are pre-approving patches to be installed on your Windows devices on an ongoing basis, based on conditions you define. A patch management policy can not only manage the patches made available in Windows Update, but it also gives you much more control, lowers your workload, and increases the security of your device estate.

You can set up an Account-level or Site-level policy that can target multiple devices, define the patch window, patch location, automatic approval rules, and special options such as reboot behavior. You can also create a patch management policy for audit purposes only. You can even apply Site-level overriding of Account-level patch policy options.

We recommend that you create at least two patch policies: one for workstations and one for servers.

Only Windows Managed Agents support patch management. Refer to Managed and OnDemand Agents.

For more information on patch management, refer to Patch Management.

How to...



Need to troubleshoot this? Open the Datto Knowledge Base.
Want to talk about it? Head on over to our Community Forum!
Forward this topic to others.
Provide feedback for the Documentation team