In this article, you will learn everything you need to know about the 3rd Party Patch Management module. This product allows you to define policies for software management and automated patching and installation, schedule updates with our HEIMDAL Unified Threat Dashboard (UTD), blocklist applications and allow your users to click and install only the software approved by you.
1. Description
2. How does 3rd Party Patch Management work?
3. HEIMDAL Agent - 3rd Party Patch Management
4. 3rd Party Patch Management view
5. 3rd Party Patch Management settings
DESCRIPTION
Our 3rd Party Patch Management solution automatically installs updates for the 3rd-party applications HEIMDAL manages, based on your configured policies and without the need for manual input. As soon as 3rd-party vendors release new patches, our technology silently deploys them to your endpoints, without the need for reboots or user interruption. HEIMDAL provides you with fully tested, repackaged, and ad-free updates, delivered to your endpoints as encrypted packages inside encrypted HTTPS transfers. Our distribution is further optimized through a local P2P network only between your machines. This gives you the powerful option to tailor your entire IT environment. You can create policies that meet your exact needs across the Active Directory groups within your organization. Once configured, the deployment is easy and simple.
HOW DOES 3RD PARTY PATCH MANAGEMENT WORK?
When 3rd Party Patch Management is enabled, the HEIMDAL Agent checks the installed applications. When a new version of a 3rd-party application is available, the HEIMDAL Agent will securely download it from the repo, and run the installer with the specified install arguments.
3rd-party applications can be installed or updated by the HEIMDAL Agent using one of the 2 methods below:
A. Automatic (force) install - the application is automatically installed on the first Group Policy check in case the application is not already present on the endpoint. If the application is already installed on the endpoint, the HEIMDAL Agent will bypass the automatic install;
B. Automatic update - the application is automatically patched (updated) by the HEIMDAL Agent when a newer version is available on the HEIMDAL Patching server;
The Application Blocklist feature allows you to uninstall specific applications that are installed on the endpoints inside your organization.
HEIMDAL AGENT - 3RD PARTY PATCH MANAGEMENT
The HEIMDAL Agent does not have an interface on Linux, so the only feedback you can get is in the HEIMDAL Dashboard, under Products -> Patch & Asset Management -> 3rd Party Patch Management -> Linux OS tab.
3RD PARTY PATCH MANAGEMENT VIEW
The Patch & Asset Management - 3rd Party Patch Management view displays all the information collected by the HEIMDAL Agent that is running on the endpoints in your organization. The collected information refers to the 3rd-party applications that are installed or monitored by the HEIMDAL Agent and is divided between the 3rd-party applications monitored on Windows endpoints and the 3rd-party applications monitored on Linux endpoints.
At the top, you see statistics for the Number of current vulnerabilities, the Total number of applied patches, the Number of updated software, and the Number of monitored software.
The collected information is placed in the following views: Standard, Patches per Endpoint, and Compliance.
- Standard
This view displays a table with the following details: Hostname, Username, Software, Package, CVE, CVSS, Distribution, Version, Date, and Status.
The Standard view allows you to view the information regarding the Current Status, Latest Patch, Currently Outdated, Historically Outdated, Up-to-date, and Uninstalled. You can also select one or multiple entries in the Standard view and Hide them from the view. The Show Hidden Apps radio button allows you to display all the applications that were hidden by the HEIMDAL Dashboard Administrator. If multiple CVEs are available for the same application, the CVE with the highest CVSS score will always be displayed.
- Patches per Endpoint
This view displays a table with the following details: Hostname, Username, and Patches per Endpoint.
- Compliance
This view displays a table with the following details: Hostname, Username, Number of Updates, Last Seen, and Status.
The Compliant / Non-Compliant filter allows you to switch between the endpoints that are compliant or not.
The Download CSV functionality allows you to generate and download a CSV report that includes all the information in Standard or Verbose mode corresponding to each view.
3RD PARTY PATCH MANAGEMENT SETTINGS
The Patch & Asset Management - 3rd Party Patch Management module allows the user(s) to install or update a specific 3rd-party application from the list of applications managed by HEIMDAL Security.
3rd Party Patch Management - turn ON/OFF the 3rd Party Patch Management module;
General Settings
Infinity Management - turn on/off the Infinity Management module to deploy your own 3rd-party applications/Patches (.msi, .exe, .bat files) from the stand-alone patch management system. The patches can be configured in the Infinity Management module and applied to any Group Policy;
Keep all applications up-to-date - all current and future 3rd-party applications that are included in our 3rd Party Patch Management list will be added to automatic update;
Update non-Heimdal supported packages - allows you to update non-Heimdal packages installed on the endpoint.
Manage Applications
Show only Infinity Management applications - displays the 3rd-party applications added in Infinity Management only;
Install - enable the selected 3rd-party application(s) to be installed on the endpoint(s) if not already installed. If the 3rd-party application is already installed, this option does nothing;
Update - enable the automatic update of the selected 3rd-party application(s);
Check interval - allows you to set the time interval when the HEIMDAL Agent checks for newly available patches;
Patching Schedule - allows you to set a scheduler for the 3rd-party application patching module;
- You can select one or more days in a week when Heimdal™ Patch & Assets can install the 3rd-party application(s)/Patches;
- You can select one or more days in a month when Heimdal™ Patch & Assets can install the 3rd-party application(s)/Patches;
- You can also select a specific interval of any day to exclude the 3rd-party application patching.
Applications Blocklist
This feature allows you to uninstall specific 3rd-party applications, either to restrict the usage of unwanted applications or to remove applications from all machines that are applying the current Group Policy. This feature removes most of the applications that Patch & Asset Management is monitoring and also uninstalls other 3rd-party applications that are present on the endpoints but not managed by the Patch & Asset Management module. To uninstall a 3rd-party application, you need to specify the name of the application and a version option (exact version, lower versions, or higher versions).
- the example below targets any Spotify application and versions 2.23.7.10 and higher of WhatsApp;
- using the Starts with option will remove any package named Spotify or WhatsApp with the specified version or higher.
Example:
- If you want to uninstall a 3rd-party application that is in the 3rd Party Patch Management list, you need to make sure that the tickboxes for Install and Update are unticked in order to be able to add the 3rd-party application to the Application Blocklist.
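Because a Starts with rule combined with a "higher versions" option can reach more packages than intended, it helps to preview a rule against an inventory export before adding it to a Group Policy. The sketch below is an added example, not HEIMDAL code: the rule fields, the case-insensitive name match, the inclusive "lower" comparison and the inventory rows are all assumptions made for illustration.

```python
import re
from dataclasses import dataclass
from typing import Optional

def parse_version(text):
    """'2.23.7.10' -> (2, 23, 7, 10); a part with no leading digits counts as 0."""
    parts = (re.match(r"\d+", p) for p in text.split("."))
    return tuple(int(m.group()) if m else 0 for m in parts)

def compare_versions(a, b):
    """Return -1, 0 or 1 after padding the shorter version with zeros."""
    va, vb = parse_version(a), parse_version(b)
    width = max(len(va), len(vb))
    va, vb = va + (0,) * (width - len(va)), vb + (0,) * (width - len(vb))
    return (va > vb) - (va < vb)

@dataclass
class BlocklistRule:
    name: str
    name_match: str = "starts_with"   # "starts_with" or "exact" (assumed labels)
    version: Optional[str] = None     # None means any version
    version_match: str = "exact"      # "exact", "lower" or "higher"

    def matches(self, package, installed):
        pkg, name = package.lower(), self.name.lower()  # assumed case-insensitive
        name_hit = pkg.startswith(name) if self.name_match == "starts_with" else pkg == name
        if not name_hit or self.version is None:
            return name_hit
        order = compare_versions(installed, self.version)
        if self.version_match == "higher":
            return order >= 0         # page: "the specified version or higher"
        if self.version_match == "lower":
            return order <= 0         # assumed inclusive, by symmetry
        return order == 0

def preview_removals(rules, inventory):
    """List the (host, package, version) rows that at least one rule would hit."""
    return [row for row in inventory if any(r.matches(row[1], row[2]) for r in rules)]

# Constructed inventory rows (hostname, package, version); not real data.
INVENTORY = [("ws-01", "Spotify", "1.2.26.1187"), ("ws-01", "WhatsApp", "2.23.7.10"),
             ("ws-02", "WhatsApp", "2.23.6.99"), ("ws-02", "WhatsApp Desktop", "2.2401.3"),
             ("lx-01", "spotify-client", "1.2.11"), ("lx-01", "Firefox", "121.0")]
# The two rules described above: any Spotify, WhatsApp 2.23.7.10 and higher.
RULES = [BlocklistRule("Spotify"),
         BlocklistRule("WhatsApp", version="2.23.7.10", version_match="higher")]

if __name__ == "__main__":
    for row in preview_removals(RULES, INVENTORY):
        print(*row)
```

In the constructed data, the prefix match also selects "WhatsApp Desktop" and "spotify-client", packages with a different name and versioning scheme, which is the kind of over-match worth catching before the rule is applied.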