Version: 4.1 - July 26th, 2020
Video Walkthrough
What's New?
Extended Platforms Support
-
New Platforms for Patch Management Module
-
Red Hat Enterprise Linux 8
-
Oracle Linux 8
-
-
New Platforms for Agent Management Module
-
Red Hat Enterprise Linux 8
-
Oracle Linux 8
-
CentOS 8
-
More information can be found in JetPatch Supported Platforms
Predictive Patching
- Predict Remediation Plan Results - Predictive Patching can now predict patching operations based on specific Remediation Plan and Cycle Start / End Dates.
- Improved Algorithm - Predictive Patching will now consider the new Endpoint Readiness feature and involve all readiness criteria into the algorithm.
- New Action on Remediation Plan ticket - New “Predict” action will redirect to the “Predictive Patching” page with the relevant Remediation Plan filter applied.
More information can be found in Predictive Patching and Endpoints Exemptions.
Enhanced Awareness
-
Endpoint Readiness - JetPatch will check the readiness of your endpoints based on the pre-requisites required to patch that endpoint. More information can be found in the Endpoint Readiness article.
- Reports - Reports are now available in a CSV format for any information in the Patches Compliance Dashboard, Patches, and Endpoints sections in JetPatch. More information can be found in Endpoint Readiness, Management, Activities, Maintenance, Groups, Patch Catalog, Predictive Patching, Remediation Plan Dashboard, and Remediation Plan Compliance Report.
-
In-Depth Patching Failure - There are new built-in scripts for extracting the logs and copying them to a centralized location. See In-Depth Patching Failure for more information.
- Policy Manager Email Alert - JetPatch will now alert you via email if the Agent Policy Manager either encounters an exception or becomes inactive. See Policy Manager Email Alert for more information.
Improved Automation Capabilities
- Save Patch Filters - Patch filters can be now saved for future usage and can be used for other features like “Automatic Remediation Plan” and “Custom Compliance”. More information can be found in Patches Catalog.
-
Automatic Remediation Plans - Enhanced the automatic remediation plan mechanism by having the ability to choose a saved patch filter and specify creation time (daily, weekly, monthly), activation mode, and Workflows. More information can be found in Automatic Remediation Plans.
- Delayed Task Scheduler - Run Task capability can now be scheduled for the future. More information can be found in Tasks.
- Linux Patching Enhancements
- Split Large Linux Installations of Patches - Patch installations on all Linux operating system will now split into several execution operations, based on the number of patches to execute. More information can be found in Split Patch Execution.
-
Bulk Installation of Patches - Patch installations on Red Hat Enterprise Linux, Oracle Linux, and Amazon Linux can now be executed in the same command instead of running one after the other. More information can be found in How to configure Linux patches bulk install.
- Note: You can have both split and bulk installation enabled at the same time.
-
Other Built-in Scripts
-
Optimized JetPatch Scripts - WSUS scripts and Windows & Linux patch execution scripts were optimized to minimize the operation runtime.
-
Fetch Specified WSUS Groups Only - JetPatch will fetch the information only on specified computer groups from WSUS. See WSUS Scripts article for more information.
-
New Built-in Scripts
- Check for potential Windows Update Agent Issues
- Check if Windows Endpoint is in more than one WSUS group
- Check if Reboot is required on Windows endpoint
- Check if Reboot is required on Linux endpoint
- Advanced Windows reboot script to support update & restart operation
- Endpoint Readiness Scripts
- Check for potential Windows Update Agent Issues
-
Support the Business Process
Custom Compliance - Specify patches (using the new saved patch filter) to be excluded from specific endpoints (using Tags). The Remediation Plan execution actions and the endpoint Compliance will be affected and will show information/execute operations based on the custom compliance rule.
More information can be found in Compliance.
Others
-
Filters Changes:
-
Patches Compliance dashboard - “Operating System” filter was changed to a Multi-Select drop-down menu.
-
Management table filters - “Patch Status” filter was extended with the “No Status” value.
-
Patches Catalog filters -
-
Adding two new filters related to the patch release time:
-
Released Before - will show the patches which were released before X days
-
Released In The Last- will show the patches which were released in the last X days
-
-
Add exclusion option for searching patches - Patches Catalog can now filter out patches base on the patch name.
-
-
-
Improved UX for RP board:
-
Ticket Placement Changes - Activated Remediation Plans that are waiting for future maintenance windows will park in the “Pending” column.
-
Ticket layout Changes - The value representing the number of days passed from the plan creation is now hidden and accessible by hovering the ticket creation date.
-
Board Refresh - Tickets on board will refresh faster.
-
Critical Remediation Plan - Critical Remediation Plan is now considered as a plan with a Critical Security patch inside. It will be marked with a “C” icon on the ticket.
-
-
ITSM Changes:
-
Ticket cancelation from ITSM - In a case of Remediation Plan cancellation from the ITSM system, the status of the Remediation Plan ticket will be changed accordingly.
-
ServiceNow support changes - Several improvements for supporting CI information, predefined text fields, and API integration change to support ServiceNow custom interface.
-
ServiceNow Maintenance Windows - Improve integration with ServiceNow for pulling the maintenance windows from ServiceNow.
-
- Improved Active Directory integration for Users - Extend the Activity Directory integration support for users authentication. More information can be found in Configuring User Accounts and Permissions
- Major optimizations for stability - Improved JetPatch response time and stability for large environments.
- UI/UX Improvements - Minor UI/UX enhancement for tables & filters response time and defaults, Remediation Plan Compliance Report, Tooltips, and more. Increased items per page from 10 to 20
- Workflow with multiple tasks - Enhanced workflow logic In case of a pre/post patching tasks failure subsequent pre/post patching tasks will not be executed.
-
“Sync approval status with WSUS” activity visibility enhancement - The “Sync approval status with WSUS” will now show the relevant Remediation Plan in the “Activities” table.
-
CentOS patch removal execution - If the patch was already removed, there is now a visible status of “already_removed” in the action output.
- “Collect Endpoint Updates” for Linux retries - Decreased the default number of retries to 3 times in case of a failure in the patch collection operation (configurable option).
- Connector Run Scripts for Linux- Scripts are now run in lower permission (744).
-
MBSA Removal - JetPatch no longer supports MBSA (EOL for Microsoft ).
Bug Fixes
-
Maintenance Schedule Entry creation - Fixed an issue which showing some wrong UI layout when Maintenance Windows is set for “Does not repeat”.
-
Duplicate Remediation Plan - Fixed an issue when coping partial patches information when duplicating a large Remediation Plan with more than 100 patches actions.
-
CentOS Patches visibility - Fixed an issue in which the Patches Catalog is not showing all CentOS patches.
- CentOS Patches Duplication - Fixed an issue where duplicate patches were sent to execution.
- Long Package Version - Fixed an issue when JetPatch failed to process a long CentOS package version.
-
Windows patches release date - Fixed an issue which showing a wrong “Release Date” of windows patches.
- Links Redirection - Fixed some issues where redirection from one page to another didn’t apply the right filters.
-
ITSM - Fixed an issue where an external approval for Remediation Plan failed.
- Multiple Vulnerability Scanners Intregraions - Fixed an issue where patches Compliance was wrong when using multiple vulnerability scanners.
- Post-Patching Tasks Execution - Fixed an issue where Post-Patching tasks didn't execute.
- Windows Superseding Patches - Fixed an issue where Superseding patches were not executed as expected.
Known Issues
- Run Scheduled Task - If the configuration is to run in invalid (old) time, JetPatch will run it immediately.
- Endpoint Groups on User tasks are missing on some activities - Only activities related to patching operations (pre/post patching and the actually patching activity) will have an Endpoint Group value.
Comments
0 comments
Please sign in to leave a comment.