Offline O365 Patching

Hello everyone,

I wanted to ask you a question. In the infrastructure where we have implemented BigFix, we have more than 20000 endpoints. In the last O365 semi-annual patch we got network saturation on an internal link. Do you have any recommendations on how to manage the deployment of heavy patches (approximately 2.5 GB)? Or is there any way to deploy it offline?

Thank you!

Offline? Like mailing a flash drive with the patches?

Out-of-the-box, there are several controls that can be made, but it’s a really broad topic so you may have to tell us what you’ve already pursued and what you’d like to learn more about. Off the top of my head these fall into several categories -

  • Distributing Relays to limit trips “across the WAN” from clients, and tuning their cache sizes to hold downloads longer
  • Staggering the action creation or scheduled start times so clients stagger their download requests
  • Throttling relay bandwidth usage. Downloads take longer to complete but use less bandwidth at any given time.
  • Configuring clients to download directly from the Internet source instead of using Relays, especially if the clients are external.
  • Configuring the Action to not ‘precache’ the downloads, and instead trigger downloads at the (staggered) action-start-time. The Actions/Maintenance Window take longer to complete, but the downloads are staggered over time for less stress on the network links.

I’d have to check, but I think the O365 patches in particular have several options for direct delta-downloads rather than full-file updates, but that requires the clients to download directly rather than using the Relay infrastructure. Check the Fixlet descriptions for details, I think each Fixlet has several different Action options.

(…and the ‘mailing flash drive’ comment isn’t just me being flippant - there’s an actual use-case for that but it usually centers around OS Deployment)

We have 30k systems. Additional relays do not always help because Click to Run patches pull directly from MS. As @JasonWalker said, make sure you have sufficient relays (we have over 450) and try to deploy after hours. We do passive patching for two weeks, then we send the deployments with a “message” and an 8-hour deadline. We usually start the message at 10 AM to cover late workers.

This helps to spread the load out a little.