Approving and declining third-party software updates

When you configure the Install required updates and fix vulnerabilities task, you can create a rule that requires a specific status of updates that are to be installed. For example, an update rule can allow installation of the following:

• Only approved updates
• Only approved and undefined updates
• All updates irrespective of the update statuses

You can approve updates that must be installed and decline updates that must not be installed.

The use of the Approved status to manage update installation is efficient for a small number of updates. To install multiple updates, use the rules that you can configure in the properties of the Install required updates and fix vulnerabilities task. We recommend that you set the Approved status for only those updates that do not meet the criteria specified in the rules. When you manually approve a large number of updates, the performance of the Administration Server decreases, which may lead to an overload of the Administration Server.

To approve or decline one or several updates:

1. In the main menu, go to Operations → Patch management → Software updates.

   The list of available updates appears.

2. Select the updates that you want to approve or decline.
3. Click the Approve button to approve the selected updates or the Decline button to decline the selected updates. If either of these buttons is not visible, click the ellipsis button, and then select the required option from the drop-down list.

   The default status of an update is Undefined.

The selected updates have the statuses that you defined.

As an option, you can change the approval status in the properties of a specific update.

To approve or decline an update in its properties:

1. In the main menu, go to Operations → Patch management → Software updates.

   The list of available updates appears.

2. Click the name of the update that you want to approve or decline.

   The update properties window opens.

3. In the General section, select a status for the update in the Update approval status drop-down list. You can select the Approved, Declined, or Undefined status.
4. Click the Save button to save the changes.

The selected update has the status that you defined.

If you set the Declined status for third-party software updates, these updates will not be installed on devices for which they were planned but have not yet been installed. Updates will remain on devices on which they were already installed. If necessary, you can manually delete them locally.

See also: Scenario: Updating third-party software Creating the Install required updates and fix vulnerabilities task

Page top