Operating System Requirements for the Patch Server
- Microsoft Windows 10 (64-bit) and above
- Microsoft Windows Server 2012 (64-bit) and above
Note: The machine on which you are installing the Patch Management Server has to be on the public network (IP and FQDN).
Installing Patch Management Server
To begin installation of Patch Management server, follow these steps:
-
For 64-Bit Windows OS, download the setup from one of the following links:
https://dlupdate.quickheal.com/builds/seqrite/uemcp/pms/en/pmsetup64.msi
https://download.quickheal.com/builds/seqrite/uemcp/pms/en/pmsetup64.msi - Launch the setup on machine within the network where you want to install the Seqrite patch server.The Seqrite Patch Management Server Setup Wizard screen appears.
- On the Patch Management Server Setup Wizard, click Next.The license agreement appears. Read the License Agreement carefully.
- Select the I Agree check box to accept the license agreement and then click Next.
- Click Browse if you want to install Patch Management server on a different location. To proceed with the installation default path, click Next.
- The Patch Database Settings screen appears. The patch content storage folder path appears. Click Browse if you want to change the patch content storage path.
- Select the Import Patch Server Data check box if you want to change the default location. Click Browse to locate the path.
- Click Next.
-
The Proxy Settings screen appears. To enable and configure proxy settings, do the following:
i. Select the Enable Proxy Settings check box.
ii. In the Proxy Server text box, type the IP address of the proxy server or domain name (For example, proxy.yourcompany.com).
iii. In Port text box, type the port number of the proxy server (For example: 80).
iv. Select the Enable Authentication (If any) check box.
v. In the User name and Password fields, type in your server credentials.
vi. Click Next. -
The Pre-requisite – MySQL 5.7.37 Location screen appears.
You need to provide a path for MySQL 5.7.37 setup (x64) file.
If you do not have MySQL 5.7.37 setup file, download from the given link and provide the path. - Click Next. The file will be verified.
-
The MySQL Configuration Setting screen appears.
- Enter Communication Port number.
- Enter password for MySQL ‘Root’ user. In the Confirm password text box, retype the password.
- Click Next.
-
In the Upstream Patch Server screen, select one of the following:
- Microsoft: The upstream patch server used is Microsoft patch server. This option is selected by default.
- Organization Patch Server (WSUS): The upstream patch server used is Organization Patch server (WSUS – Windows Server Update Service). If you select this option, type in WSUS server URL.
Note☛
In the case of an air-gapped network, users should opt for an offline repository setup - Click Next.
-
On the Website Configuration screen:
- Click the Public IP/FQDN radio button. Enter the valid Public IP/FQDN.
- In the SSL Port text box, enter the SSL port number. This port number will serve as a listening port for the server.
- Click Next.
- On confirmation prompt, click Yes
- The installation summary screen appears. You can change your settings if required by clicking Back. Click Install. The installation starts.
-
To complete the installation, click Finish.
If installation/uninstallation is failed, then only the View installation log check box is displayed. To view the log, select the View installation log check box.
-
After the installation is complete, add Seqrite patch server through EPP console and then it becomes available to use.
The Patch Management feature is applicable only for the clients with Microsoft Windows OS; does not support Mac, and Linux operating systems.
Back up the Patch Server Data
You can back up the patch database and patch content of the patch server.
To back up the patch Server data, follow these steps:
- Manually back up all the files and folders present in the
/Seqrite patch management/patch server/content folder. - Select Start > Programs > Seqrite Patch server Data Backup.
The Backup wizard starts. - Click Browse to specify the path where you want to back up patch database.
- Click Backup.
The database file, pmdb.exp is generated. This file can be used to restore patch server data base.
Uninstalling Patch Server
If you need to uninstall the patch server, follow these steps:
- Go to Start > Programs > Uninstall patch server.
The uninstaller wizard starts. - Complete the wizard to uninstall the patch server.
Adding a Patch Server
To add a patch server, follow these steps.
- Go to EPP Console > Configurations > Patch management.
- Click the Patch Server Installer button to download the setup file.
- Follow the steps displayed on the UI to proceed.
- Click Add Patch Server. The Add Patch Server screen appears.
- Enter the patch server name.
- Enter the Public IP/FQDN of the system where the Patch Management server is installed.
- Enter the port SSL Port number. By default 6201 appears.
- After entering these details, click Add.
The new patch server is added now and appears on the Patch Management page.
You can add multiple Patch Servers.
If multiple patch servers are added, you can sort the list as per Patch Server Name, Patch Server IP/FQDN, and Status.
Editing the Patch Server
To edit a patch server, follow these steps.
- Go to EPP Console > Configurations > Patch Management. Existing patch servers are listed.
- Click the Edit icon of the patch server that you want to edit.
- The patch server details appear. In Patch Synchronization and Configuration tab, you can view previous patch synchronization status with time stamp.
- Here you can edit the SSL port number. Also, you can edit the Patch Synchronization details, as required.
- By default, the Upstream Server is Microsoft Patch Server. You can change the Upstream Patch Server if required. If you select the option Local Seqrite Patch Server, select the server from the list.
- In Internet Settings tab, provide proxy settings if required.
- Click Save.
Schedule Patch Synchronization
- Select the Enable Schedule Patch Synchronization check box.
- Select the Frequency of patch synchronization, either Weekly or Monthly.
- Select Weekday from the list to run patch synchronization.
- Select the time to run patch synchronization by selecting hours and minutes in the Start At list.
- Click Apply Filters to specify filters for patch synchronization.
- Click Start sync to run patch synchronization instantly.
- You can click Stop sync to stop patch synchronization if it is running. A notification is sent to the patch management server.
Applying Filters
If you select the Parent patch server as Microsoft, then only these filters are applicable.
If you select the Parent patch server as WSUS, all metadata available on WSUS is synchronized. Microsoft filters are not applicable.
If you select the Upstream Patch Server as Local Seqrite Patch Server, then filters enabled on the selected server are applicable.
To apply filters, follow these steps.
- If you want to apply filters for downloading and synchronizing the patches, click Apply Filters. The Filters dialog appears.
- In Categories accordion, click + to expand. Either you can select the All Categories check box to select all categories to be synchronized for Microsoft applications or select the type of patches from the list, as required.
- In Languages accordion, click + to expand. Here you can select the languages for the patches for Microsoft applications. Select one of the following options.
- Download patches in all languages
- Download patches in the following selected languages – If you select this option, select the languages from the list.
- In Products accordion, click + to expand.
Here you can select the products for which you want to receive the patches. Either you select All products or select products as required from the list. - Click Apply.
The patch settings are updated.
Patch Management supports the following applications along with Microsoft applications,
- Adobe
- VideoLAN
- Adobe Systems, Inc.
- Microsoft
- PuTTY
- Notepad++, Inc.
- Oracle Corp.
- 7-Zip
- Mozilla Foundation
Patch Synchronization
To start patch synchronization, follow these steps.
1. Go to Patch Server Task Scheduler >Task Scheduler Library.
2. Run Seqrite Schedule Patch Sync to trigger on demand Patch Sync.
Note
Go to Patch Synchronization Configuration, select and save required filters, and click Start Sync for on demand patch synchronization.
When the patch synchronization is complete as per applied filters, patch synchronization status is shown as Successful with timestamp.
When the patch synchronization is failed as per applied filters, patch synchronization status is shown as Failed with timestamp.
When the patch synchronization is aborted as per applied filters, patch synchronization status is shown as Aborted with timestamp.
Deleting the Patch Server
To delete a patch server, follow these steps.
- Go to EPP Console > Configurations > Patch Management. Existing patch servers are listed.
- Click the Trash icon of the patch server that you want to edit.
- Click Yes on the confirmation dialog box. The patch server is deleted.
The patch server is deleted.