This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Scanning Devices for Missing Patches

This Article Applies to:

  • Avast Business Hub

 

Your devices must be scanned for missing patches before you can approve any deployments or ignore specific patches. Just as with patch deployment, you can choose to scan for patches automatically or manually. The amount of time a scan for missing patches takes depends on the number of patches being searched for and the number of devices being scanned.

Automatic Scanning via Policies

The Patch Scan scans all devices tied to the particular policy for missing software application updates (patches). After a scan is completed, the results for missing patches are displayed on the Patches page and under the Patch Results tab in Device Details.

Configuring Patch Scanning

In the policy you would like to edit, click the Service Settings tab. Then click Patch Management, and expand the Patch scans and installations section.

Under Scan Frequency for Patch scanning, you can choose between the following options:

  • Do not install patches (the missing patches will need to be installed manually)
  • Install patches immediately once found missing (note that the patches might first go into the Scheduled status before being downloaded and installed)
  • Install patches later: 
    • Frequency (daily, weekly, or monthly)
      • If you decide on monthly installations, please ensure the day of the month you’ve chosen occurs every month (for example, do not choose the 31st day of the month unless you specifically want to skip installing on months without 31 days)
    • Start Time (a specific time of day you would like the installation to take place, down to the hour and minute)

It is recommended you configure your patch deployment to occur after patch scanning so any missing patches are deployed as soon as possible.

If you are using an Update Agent, that device will be used to store the application and OS patches and will distribute them to devices on the network (the same as program and virus definitions update file distribution).

For more information on patch installation options, see Deploying Missing Patches.

Ad Hoc Scanning via Devices Page

If you would like to scan for patches manually, you can do so on the Devices page.

  1. Navigate to the Devices page
  2. Do one of the following:
    • For a single device, click the More button beside the device and hover over Scan, then click Patch scan
    • For multiple devices, select the check boxes beside the device(s) and hover over Scan, then click Patch Scan

Wait while the patch scan command runs on the target device(s). Missing patches will be displayed on the Patches page.