This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Automatic vs. Ad Hoc Patching

This Article Applies to:

  • Avast Business Hub

 

Missing patches can be installed on managed devices either through a one-time ad hoc deployment from the Patches or Devices page or through a recurring patch deployment configured via policies. It may be necessary to apply patches through different methods depending on your network needs and the device. For example, there may be a critical patch for a server device that has patch deployment scheduled for the following week. In this instance, you may want to push the critical patch immediately rather than waiting for the scheduled deployment.

The below table outlines the differences between the two ways of deploying patches.

 

Automatic Patching Ad Hoc Patching
Install on a regular basis Install on a one-time basis
Apply a schedule to a group of devices Patch most devices or only a few
Set a recurring patch schedule Install patches immediately, or soon
Automatically deploy patches that meet certain criteria Select patches to deploy from a list
Exclude patches from specific vendors or applications Install patches that have been excluded from automatic install

Automatic Patching

Installing patches through policies lets you set up recurring installs of patches. Using a policy, you can choose the patches you want to install and set up the time you want the install to start. You set up your patching options, and then choose the affected devices by applying the policy to a device group.

Using a policy to install patches is best for setting up a recurring, ongoing patching schedule. You can even use multiple policies to arrange patches to be installed on different schedules according to their severity and importance. The schedule repeats with no actions from you, keeping your devices up to date and taking the work of Patch Management off your task list.

Ad Hoc (Manual) Patching

Doing an ad hoc deployment via the Patches or Devices page gives you the same options for choosing and installing patches. You can sort by the same options and set up the install and restart for time when users won’t be interrupted. However, with ad hoc installs, you also choose the devices the patches are installed on from a list of devices instead of a device group.

Ad hoc installs are best for doing one-time patch installs. For example, if a high-profile security vulnerability is found in popular software that affects most of your users, you could do an ad hoc install to start the patching process right away, without worrying about scheduling the patch for a convenient time.

 

To learn how to deploy patches automatically or manually, see Deploying Missing Patches (Avast Business Hub).