Patch Management Dashboard
Applies To: WatchGuard Patch Management
The Patch Management dashboard shows an overview of the WatchGuard Patch Management module status. Several tiles provide important information and provide links to more details.
To open the Patch Management dashboard:
- In WatchGuard Cloud, select Monitor > Endpoints.
- Select Status > Patch Management.
The Patch Management dashboard opens. - To view detailed information, click a tile. The Patch Management dashboard includes these tiles:
Patch Management Status
The Patch Management Status tile shows the status of Patch Management on Windows, Linux, and macOS computers in your network. Use this tile to identify problems, such as computers where Patch Management did not install correctly, computers with no Patch Management license, computers that need to restart to complete patch installation, and other issues.
Click a status to open the Patch Management Status list filtered to show devices with that status. The tile shows the number and percentage of computers with these statuses:
- Enabled — Patch Management installed successfully, runs with no issues, and the assigned settings enable the module to search for patches automatically.
- Disabled — Patch Management installed successfully, runs with no issues, but the assigned settings do not enable the module to search for patches automatically.
- No license — Patch Management does not work because no license is assigned to the computer or there are insufficient licenses.
- Error installing — Patch Management could not install.
- No Information — The computer has a license, but has not yet reported status to the cloud, or has an outdated agent installed.
- Error — Patch Management does not respond to requests sent from the cloud, or has settings that are different from those configured in WatchGuard Cloud.
To see a list of computers that must be restarted, click the computers require a restart to finish installing or uninstalling patches link. The Patch Management Status list opens filtered to show computers and devices that require a restart.
To see a list of computers that do not have WatchGuard Endpoint Security, click the computers have been discovered that are not being managed link.
Time Since Last Check
The Time Since Last Check tile shows the number of computers that have not connected to the WatchGuard server and reported patch status for more than 3, 7, and 30 days. Use this tile to identify computers that might be at risk and require your attention.
To open the Patch Management Status list filtered to show the relevant devices, click a number.
End-of-Life Programs
The End-of-Life Programs tile shows information about programs that have reached or are close to end-of-life, grouped by end-of-life date. End-of-life programs are no longer supported by the software vendor and do not receive patches to resolve security issues and vulnerabilities.
The tile shows the number of computers on the network with these types of programs installed:
- Currently in EOL — Programs that have reached end-of-life and do not receive updates from the vendor.
- In EOL (Currently or in 1 Year) — Programs that have reached end-of-life or will in the next year.
- With Known EOL Date — Programs that have a known end-of-life date more than one year in the future.
To open the End-of-Life Programs list filtered to show the relevant computers, click a number. For more information, go to Review End-of-Life Programs.
Available Patches
The Available Patches tile shows the number of patches of different types that are available for computers on the network.
Numbers on this tile count the same patch multiple times if multiple computers do not have the patch installed. Similarly, a computer counts multiple times if it is missing multiple patches.
The tile shows these types of patches:
- Security Patches — Patches for security issues that are available for installation on your computers.
- Critical — Security patches classified as critical.
- Important — Security patches classified as important.
- Low — Security patches classified as low.
- Unspecified — Security patches that do not have a severity classification.
- Other Patches (Non-security Related) — Other patches not related to security that are available for installation on computers. Patches containing bug fixes and feature enhancements for macOS and Linux are included in this category.
- Service Packs — Patch and hotfix bundles that are missing from computers. Windows Service Packs are not applicable to macOS or Linux computers or devices.
Click a patch type to open the Available Patches list filtered to show the affected computers and relevant patches. To show patches of all types, click View All Available Patches.
To see all available patches for a computer, on the Available Patches list, in the row for a computer, click and select View all available patches for the computer.
To review details of patch installation tasks, click View Installation History. For more information, go to View Installation History.
To review a list of excluded patches, click View Excluded Patches. For more information, go to Exclude Patches.
Last Patch Installation Tasks
The Last Patch Installation Tasks tile lists recently created patch installation tasks and shows their status.
Use the options on this tile to manage patch installation tasks:
- To edit a task, click its name. For more information, go to Manage Tasks.
- To cancel a task, next to the task name, click and select Cancel.
- To see the results of a task, next to the task name, click and select View Results.
- To view all tasks in the Tasks page, click View All.
- To view details of all patch installation tasks, click View Installation History. For more information, View Installation History.
For more information about patch installation, go to Install Patches.
Available Patches Trend
Shows the trend of the number of patches that are pending installation on the computers on the network, grouped by severity.
Point to a node on the graph to show a tooltip with this information:
- Date
- Type
- Number of patches
Click the legend items below the graph to open the Available Patches list filtered by the selected item. Click the graph to open the full Available Patches list with no filters applied.
To filter the information in the Available Patches Trend tile, click . You can filter the tile by Computer Type, Platform, Operating System Patches, and App Patches. For information on the patches supported by Patch Management, go to this Knowledge Base article: Vendors and Apps Supported by WatchGuard Patch Management.
For information on how to select the apps you want to patch, go to Download Patches Manually.
Most Available Patches for Computers
The Most Available Patches for Computers tile lists available patches and the number of devices (in Pending or Pending Restart status) the patch is available for, in descending order from left to right.
To filter the patches in the tile by Criticality, Computer Type, Platform, or Patch Type, click.
Point to a box in the tile to see a summary of the patch, including:
- Patch name
- Number of affected computers
- Program (or operating system family)
- Criticality
- Release date
- CVE (Common Vulnerabilities and Exposures) ID
Click a box in the tile to open the Available Patches list filtered to the selected patch. This list shows the computers and devices missing the patch.
To manage the computers in the Available Patches list, in the row for a computer, click and select from the menu that opens:
- Install
- Schedule Installation
- Exclude
- Isolate Computer
- View All Available Patches for the Computer
- View Which Computers Have the Patch Available
Computers with Most Available Patches
The Computers with Most Available Patches tile lists the devices that are missing patches, as well as the number of patches the device is missing, in descending order from left to right.
To filter the computers in the tile by Criticality, Computer Type, Platform, or Patch Type, click.
Click a box in the tile to open the Available Patches list filtered to the select computer. The list shows the program and patch that is missing, as well as the criticality of the patch and the installation status.
To manage the computers in the Available Patches list, in the row for a computer, click and select from the menu that opens:
- Install
- Schedule Installation
- Exclude
- Isolate Computer
- View All Available Patches for the Computer
- View Which Computers Have the Patch Available
Programs with Most Available Patches
The Programs with Most Available Patches tile lists the software programs that are missing patches, as well as the number of patches the program is missing, in descending order from left to right. Click a box in the tile to open the Available Patches list filtered to the program. The list shows the program and patch that is missing, as well as the criticality of the patch.
To filter the computers in the tile by Criticality, Computer Type, Platform, and Patch Type, click.