Scalefusion Agent Based OS Update Management - Configure Settings

Managing Windows OS updates is one of the critical pieces of managing Windows 10 devices. It is important for organizations to define a policy that either automates or controls the various updates that Windows offers.

Windows Agent based Update & Patch Management feature is an automated patch management (scanning, assessment, deployment, monitoring and reporting) solution to keep all Scalefusion managed windows devices up-to-date with Windows OS updates thus keeping them secure.

With this feature IT Admins can manage Updates at Device level and Group level on Scalefusion Dashboard.

In this two-document series, first part describes the configurations needed to be done for Update Management and the second one covers the view of it and actions that can be taken on the updates.

What kind of updates can be managed?

Scalefusion managed Windows devices can detect and patch below types of Updates:

1. Software Updates
   1. Critical Updates
   2. Definition Updates
   3. Feature Packs
   4. Security Updates
   5. Service Packs
   6. Tools
   7. Update Rollups
   8. Updates
   9. Upgrade
   10. Quality updates
2. Driver Updates

Before You Begin

1. Users should be subscribed to Legacy or Modern Enterprise Plan.
2. Devices should be enrolled with Scalefusion.
3. Scalefusion MDM Agent's (for Windows) latest version (v6.0.0 or above) should be installed on devices.
4. Device configurations - Windows 10, and Windows 11 supporting 32-bit and 64-bit OS Update.

How does it work

1. Configure Settings for Agent Based OS Update Management from Scalefusion Dashboard
2. Based on the configurations, the Windows MDM agent queries and syncs the updates with the managed devices.
3. Get a summarized view of the status of updates, device as well as updates wise and perform certain actions on them like sync, install, hide and also download CSV reports.

These are described in detail below

Configuring Settings for Agent Based OS Update Management

Global Level

1. Login to Scalefusion dashboard and navigate to Update & Patch Management > Windows OS Updates on left panel.
2. Click on Configure
3. The OS Update Management Settings dialog box opens where you can configure global settings for syncing updates.

   Setting	Description
   Enable Scalefusion MDM agent based Update Management	This is a toggle. Toggling this to ON only enables MDM agent based update management and allows to configure rest of the settings.
   Configure Update Sync Interval	Configure the time interval how often the agent queries and syncs the available OS updates to our backend. Following are the options to choose from: 12 hours (default) 24 hours
   Sync Driver Updates	If this setting is toggled on, the agent queries and syncs Windows driver updates also, along with Windows software updates.
   Force Reboot Devices after Updates	Configure what the device reboot behavior should be, once an update is installed, from the following options: Prompt for Reboot: Prompts for reboot whenever an update is installed Force after 5 minutes: Reboots the device automatically 5 minutes after installation of updates Force after 10 minutes: Reboots the device automatically 10 minutes after installation of updates This is dependant on the windows update whether it requires reboot or not You can also configure a message that is displayed to the users before the devices are rebooted. It can be composed in the text area below this setting
   Configure Update Schedule	Configure when the updates should be installed on device once they are initiated from the Dashboard. There are two options to choose from. Select any one of the following: Deploy Upon Approval: The updates will be deployed on devices as soon as they are initiated from Dashboard. Deploy according to the following schedule: The updates will be deployed as per the schedule you configure with following options: Update Time: Select the time of the day and the updates will be installed at that time Update Day: Select the day on which updates should be installed. Choose Daily if they have to be installed daily else select particular day/days from Monday to Sunday Update Week: Select a particular week or every week during the month, when updates should be installed

4. After configuring the settings, click Save

Profile Level

These settings can also be configured at device profile level which will apply to the devices with that profile.

To configure Update settings at profile level:

1. Navigate to Device Profiles & Policies > Device Profiles
2. Create or Edit Windows Device Profile on which updates have to be configured
3. Go to Settings > Windows Updates
4. The settings can be configured under Scalefusion Agent-based Settings tab after toggling on Override Global MDM Agent Update Settings

Now that configuration is done, you can view the status of updates on the Dashboard and perform other actions. The next document explains it.