Solved: Patch Management?

Adrian41 · ‎03-05-2024

Hello,

We have a lot of problems with our existing MDM solution and I am trying to see if Systems Manager is a good replacement (we are almost a fully Meraki house in terms of infrastructure equipment - MX, MS, MR).

Systems Manager seems to be able to do a lot our existing solution does and more, however to convince management that its the way to go, it would have to do everything which includes patch management.

Our existing solution automatically manages patching for Windows and Linux, as well as a bunch of software we use (software needs to be compatible with the solution, but a lot is).

I tried to find info on if Systems Manager can do this, but all I could was an article talking about Apple OS updating which is irrelevant to us 😛

Thanks!

Philip D'Ath · ‎03-05-2024

Systems Manager will not do patch manager for Windows and Linux.

For Windows I love using WinGet-AutoUpdate. I know of lots of companies that use it. It is free.

https://github.com/Romanitho/Winget-AutoUpdate

For Linux, like Ubuntu, I normally enable the unattended upgrades feature.

https://help.ubuntu.com/community/AutomaticSecurityUpdates

Not as a nice as a dedicated patch management solution though.

View solution in original post

aleabrahao · ‎03-05-2024

The documentation says that it's supported just for Apple Devices.

https://documentation.meraki.com/SM/Device_Enrollment/Systems_Manager_Agent_and_MDM_Profile_Enrollment#Agent_vs_Profile_Features

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

aleabrahao · ‎03-05-2024

But there is an workaround.

Remote Package and Patch Management with Chocolatey and Meraki - Windows - Spiceworks Community

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Adrian41 · ‎03-05-2024

cheers - Chocolatey looks really cool but im struggling to justify the cost of system manager to the business (we need it on about 10,000 devices) the cost of Chocolatey on top would be a dead end.

aleabrahao · ‎03-05-2024

That's why I say it's always important to consult a Meraki sales consultant beforehand, to see if the tool will meet all your needs. 🙂

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Adrian41 · ‎03-05-2024

yea, I just posted on here on the off-chance Id get a faster reply. Also first hand info from people that actually use the product is better than a sales guy reading off some marketing material 😛

BlakeRichardson · ‎03-05-2024

I have not found an MDM that does this cross platform well so rather than an MDM solution you might find a patch management solution better.

Jumpcloud does patch management, I've never used it but it's an option for you to investigate. They support Linux as well.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

Philip D'Ath · ‎03-05-2024

Systems Manager will not do patch manager for Windows and Linux.

For Windows I love using WinGet-AutoUpdate. I know of lots of companies that use it. It is free.

https://github.com/Romanitho/Winget-AutoUpdate

For Linux, like Ubuntu, I normally enable the unattended upgrades feature.

https://help.ubuntu.com/community/AutomaticSecurityUpdates

Not as a nice as a dedicated patch management solution though.

jgbright · ‎03-05-2024

Another Cisco solution is Duo Device Health: https://blogs.cisco.com/security/enforce-endpoint-compliance-and-cyber-hygiene-with-duo-device-trust

Adrian41 · ‎03-06-2024

thanks everyone!