Jeremy Giacchi wrote:
If you want it to work like WSUS do this: (and I dont recommend you make it work like WSUS....the big advantage of LANDesk patching is that it's much more flexible)
- Go into Patch and Compliance
- Click the Gear Icon on the toolbar
- Choose "Definition Group Settings"
- Add a rule with these parameters:
- Vulnerability
- Critical
- Comparison: Vendor Contains "Microsoft"
- Set Status: Scan
- Set AutoFix
- Create another rule with the same settings except Severity: Important/High
Now every time LANDesk downloads a patch from Microsoft that is High or Crtiical, it will automaticlly deploy to all devices. (unless you dont have AutoFix enabled on your "Scan and Repair Settings")
I guess this depends on your risk apetite. In my organization, nothing gets deployed to end users if it has not passed an internal QC check and 2 additional rounds of UAT testings.