I am starting from square one in a new data center and my test server is showing relevance for MS patches as far back as 2016. The initial baseline is huge. Is it best to include all of them or can I safely choose year 2019 to present? Any other advise or links on “tuning” a new environment?
If you haven’t done so already, I’d highly recommend having a look at BigFix Patch Policy as a means to simplify and automate in such cases.
Patch Policy via WebUI is certainly helpful.
For an initial catch-up like this, where you need to roll through years of patches though, there’s a good chance you’ll find someone’s application could break and need an update, so I’d use some caution in how you test.
Additionally from the Console, I’d recommend switching to the Patch Management Domain at the bottom-left, which categorizes the fixlets by type. I’d first make a baseline of service packs and rolluo packages. A small number of service packs installations can contain a huge number of individual hotfixes, so you can build a smaller baseline for catch-up.
Thanks guys. This is great information. I will review accordingly. The servers are fairly new so it’s not too bad yet. My initial testing baseline was successful. I was unaware of the “Patch Policy” and will take a hard look at that.