Need help verifying my automatic patch settings

I’ve been reading tutorials and documentation about patching and I’m still not sure I totally get it.
If possible, I would like to spell out the actions I performed and make sure I understand what each does:

  1. I created a new Patch Policy and set it to refresh once a month on the 2nd Wednesday - This step basically creates a sort of “baseline” that includes all of the updates I configured it to include on a monthly basis.
  2. I added a schedule and targeted a manual group I created every 2nd Thursday - This part deploys the updates to said group.

If I understood correctly, then I have some follow up questions:

  1. When I create baselines manually, I saw that BigFix can ask me to verify the default action to take before the action is deployed. Where is that reflected with this automation in the WebUI? Are the above steps just “set and forget” type of things?
  2. Where do I include Maintenance Windows in this whole scenario? I read the docs but couldn’t find anything straight forward. Do I even need them?
  3. I set the Patch Policy to refresh every 2nd Wednesday and the Schedule to deploy every 2nd Thursday. Is that right? Do I need to give it some time to “fetch” all of the updates and only then have them deployed?



For your baseline, the maintenance window will come into play when you take the action. You will need to take the action so that it incorporates your maintenance windows. In this case, you ultimately don’t need them as long as you are keeping them in mind when you take the action.

The refresh is the “fetch” you mention. After the fetch as happened, you will eventually see actions show up in the console that match the appropriate schedules you mentioned.


1 Like