We’re thinking about ways to optimize site evaluation times by managed computers and one of the issues that has come up is the size of the “Patches for Windows” site. Looking at version 4285, the site has 19,636 fixlets and tasks. A lot of the content is pretty old with source release dates going back 20 years. Is there any plan to split up this site, retire old content, or somehow optimize the site content? I wanted to check in here before we start down a path of something like creating a smaller custom site that only contains newer content copied from the external site.
Has anyone else come up with ways to reduce the load/time from evaluating content of large sites?
Inside the Patches for Windows site, there are digests for each operating system, so the endpoint only evalutates the patch fixlets that match the digest it’s relevant for. It is not evaluating all the content in the Patches for Windows site.
I will double check on the documentation, but here’s an example.
In the Enterprise Security (Patches for Windows) site, there’s a file SupersededControlled.fxf , it’s almost 400mb, and contains almost 7,000 fixlet.
The top evaluation line for that is
MIME-Version: 1.0
Subject: SupersededControlled
X-Relevant-When: (if( name of operating system starts with “Win” ) then platform id of operating system != 3 else false) AND (if exists property “in proxy agent context” then ( not in proxy agent context ) else true )
X-Relevant-When: (value of setting “_BESClient_WindowsOS_EnableSupersededEval” of client as integer = 1) | false
X-Relevance-Evaluation-Period: 6:0:0
X-Relevance-Child-Evaluation-Period: 6:0:0
So this will only evaluation every 6 days, and the child content every 6 days, only if you’ve turned on the ability to enable Superseded content (not on by default, only used in certain scenarios). So that excludes 7k of the 19k fixlets right there.