Settings can be accessed via the button in the upper right corner of Endpoints -> Readiness page.

Enable Endpoints Readiness

The Endpoint Readiness feature can be disabled/enabled.

If the Readiness is disabled, all exemptions will not appear and JetPatch won't inform the user about endpoints issues related to patching readiness.

Required Repository Configuration

JetPatch needs to know which repositories the environment is configurable for in order to make sure it is all set up as expected to ensure high security.

A new configurable repository must have:

1. Name
2. Endpoint specifications - 
   1. Operating System - the OS that can work with the configured repository.
   2. CIDR list - Specify the endpoint needed to be configured to the configured repository using CIDR entry
3. Repository specifications - List of enabled repositories IDs. To fetch the repository ID from an endpoint:
   1. For Windows OS- The IP/Hostname of the WSUS appears in the endpoint configuration as specified in "Specify intranet Microsoft update service location". More information on EP configuration can be found in WSUS Configuration ("Endpoint server configuration" section)
   2. For Linux OS - 
      1. YUM based systems -"yum repolist -v"  or "yum repolist all -v " (to see disabled repositories also). The value for the settings should be the same as the "Repo-id".
      2. ZYPPER based systems - "zypper repost". The value for the settings is under the "Alias" column.
      3. Note: You can also run the built-in endpoint readiness task to gather this information for Linux OS

Configured Repositories Exemption Handling - if the "Exempt endpoint not matching any OS and CIDR combination from the list above" flag is marked JetPatch will exempt all endpoint without any matching OS and CIDR entry in the Required Repository Configuration (EPs with "Unknown" status on the "Repository Configured" criterion)

 

Linux Subscription

In case "Check Linux subscription as readiness criterion" is enabled - JetPatch will consider endpoint subscription as a readiness criterion.

Otherwise, JetPatch will not check for endpoint subscription (to support local repositories environments).

 

Note - In any case, there is an exception list to provide endpoints that should be treated differently.

 

Example #1

Check Linux subscription as readiness criterion = On

Endpoint Execpltion list = EP1

Result - JetPatch won't check subscription readiness for EP1

 

Example #2

Check Linux subscription as readiness criterion = Off

Endpoint Execpltion list = EP2

Result - JetPatch will check subscription readiness for EP2

 

Readiness Checks Interval and Timeout

Defining readiness checks intervals and timeouts:

• Not ready endpoints will check readiness criteria every (minutes) - what is the frequency of readiness checks in not ready endpoints
• Ready endpoints will check readiness criteria every (minutes) - what is the frequency of readiness checks ready endpoints
• Timeout for readiness check operation is - Timeout for the readiness check operation. 

Endpoint Communication with WSUS

Defining the "WUA communication" readiness limit.

• The last status reported for Windows Update Agent to WSUS should be less then (minutes) - If a Windows endpoint didn't communicate in the configured time, JetPatch will raise an exemption.

Note - The configured value for Endpoint Communication with WSUS should be higher than the Discovery Source WSUS scripts run frequency:

• discovery-source.WSUS.success.sleep-time.min (default 20)
• discovery-source.WSUS.error.sleep-time.min (default 20)

Related Articles

• Endpoint readiness overview
• Readiness criteria guide and troubleshooting
• What is the patching checklist?
• Running a task