How best to organize endpoints

Hi Guys and Gals,

I have been struggling on how best to organize endpoints. The background is that my company is a MSP so we have several companies depending on us for patch management. What I have been doing is deploying a CID (custom property) to the respective endpoints. CID stands for customer ID, and is usually a 4 digit number. So customer 1 is 0001, customer 2 is 0002, etc…

I set up custom sites (one for each customer) and assign the endpoints based on CID. The endpoints are subscribed to the custom site and Patches for Windows. Patches for Windows has “all computers”. Normally this work ok but I feel that it is a bit slow.

Now we are about to include unix/linux patches… I am not sure if I should subscribe “ALL Computer” to each external site or if I should try to filter on cid.

Anyone doing something like this?

You could (and should) restrict the membership using Relevance. The external sites will also have their own relevance in the form of “External Subscription Constraints”, but there’s no point in making extra systems evaluate the constraints unless they have to…

  • Windows of Operating System
  • UNIX of Operating System
  • Mac of Operating System

Thanks Tim for your reply.

So for example… On the external site labeled “Patches for RedHat Enterprise Linux”, my options are “All computers”, “no computers” or “Computers which match…”

If I configure “Computers which match…” OS contains Linux Red Hat Enterprise Sever…

I should be good?

I think most of us probably change that drop-down to “Custom Relevance”. Otherwise, it’s probably easier to create an Automatic Group, and use the group membership as your subscription criteria.

In your specific example, if you were to use “Computers which match…” “OS contains Linux Red Hat Enterprise Server”, that would cause any Red Hat Workstations to not subscribe.

Jason - you gave me a couple of ideas…
The automatic group based on a CID and OS is Unix, would work for me… Then I could use the group to subscribe to the site.

In our case, all of our customers have Windows based laptops/desktops however the servers have always been Windows. We are now in the process of adding “unix” servers (no workstations) so I think the above solution will work.