Approving and declining third-party software updates

When you configure the Install required updates and fix vulnerabilities task, you can create a rule that requires a specific status of updates that are to be installed. For example, an update rule can allow installation of the following:

• Only approved updates
• Only approved and undefined updates
• All updates irrespective of the update statuses

You can approve updates that must be installed and decline updates that must not be installed.

The usage of the Approved status to manage update installation is efficient for a small amount of updates. To install multiple updates, use the rules that you can configure in the Install required updates and fix vulnerabilities task. We recommend that you set the Approved status for only those specific updates that do not meet the criteria specified in the rules. When you manually approve a large amount of updates, performance of Administration Server decreases and may lead to Administration Server overload.

To approve or decline one or several updates:

1. In the main menu, go to Operations → Patch management → Software updates.

   A list of available updates appears.

2. Select the updates that you want to approve or decline.
3. Click Approve to approve the selected updates or Decline to decline the selected updates.

   The default value is Undefined.

The selected updates have the statuses that you defined.

As an option, you can change the approval status in the properties of a specific update.

To approve or decline an update in its properties:

1. In the main menu, go to Operations → Patch management → Software updates.

   A list of available updates appears.

2. Click the name of the update that you want to approve or decline.

   The update properties window opens.

3. In the General section, select a status for the update by changing the Update approval status option. You can select the Approved, Declined, or Undefined status.
4. Click the Save button to save the changes.

The selected update has the status that you defined.

If you set Declined status for third-party software updates, these updates will not be installed on devices for which they were planned but have not yet been installed. Updates will remain on devices on which they were already installed. If you have to delete them, you can manually delete them locally.

See also: Scenario: Updating third-party software Creating the Install required updates and fix vulnerabilities task

Page top