Troubleshoot Patch Management
Applies To: WatchGuard Advanced EPDR, WatchGuard EPDR, WatchGuard EDR, WatchGuard EPP
WatchGuard Patch Management is an optional module available with WatchGuard EPDR, WatchGuard EDR, and WatchGuard EPP licenses. Patch Management finds endpoints on the network with known software vulnerabilities and helps you identify which endpoints are susceptible to malicious attacks.
Patch Management compares patches installed on endpoints to a database of updates released by software vendors. It can identify any endpoints that run vulnerable operating systems or software.
This topic describes how to troubleshoot Patch Management.
Error When You Enable or Disable Protection
An error might occur that states: Error enabling/disabling the protection
This error might occur if the WatchGuard Endpoint Security management UI reports Patch Management as not installed.
The error might also be caused by a connectivity issue, an issue with Microsoft Windows 2003 and Microsoft XP SP3 that requires you to download software patches through the use of a local repository-cache, or certificate issues.
To troubleshoot:
- Review the URL requirements for a WatchGuard Endpoint Security product.
- If the issue persists, contact Support.
Patch Not Installed - Management UI Shows status in progress Message
This error occurs when the endpoint agent has an issue.
To troubleshoot:
- Review the URL requirements of a WatchGuard Endpoint Security product.
- See the Required Information for Support section of this topic.
- If the issue persists, contact Support.
Patch Not Installed - Management UI Shows download error Message
This error occurs when the endpoint agent cannot reach the required URLs to download a patch.
To troubleshoot:
- Review the URL requirements of a WatchGuard Endpoint Security product.
- See the Required Information for Support section of this topic.
- If the issue persists, contact Support.
Patch Not Installed - Management UI Shows execution error Message
This error code might be a third-party software error. You can generate a report from the management UI to review information about this error code.
To troubleshoot:
- Install the patch locally. If the issue persists, Patch Management is not the cause of the error and the problem is with the application.
- See the Required Information for Support section.
- If the issue persists, contact Support.
Patch Cannot Install Through Local Repository
You can use a cache device to create a local storage repository. A local storage repository saves Internet bandwidth and you can distribute a patch that is not automatically downloaded, such as operating system service packs.
If you cannot install a patch from a local storage repository, it might be because of a communication issue between the endpoint device and the cache device that acts as the local repository.
To troubleshoot:
- Use an URL in this format to check communication between the endpoint device and the storage repository:
http://name_of_the_cache_device:18226/PatchManagement/name_of_the_file - See the Required Information for Support section.
- If the issue persists, use the PSInfo tool and contact Support.
Note that if you contact Support about this issue, you must collect information from both the cache device and the endpoint device that you use to download a patch.
Patches in Management UI Differ From Windows Update
An endpoint might show different Windows patches installed, when compared to those shown in the management UI.
If this occurs, provide this information to Support:
- Date and time the mismatch occurred.
- The KB number and language of the patch.
- Endpoint operating system.
- Expected and actual behavior.
- Operating system of all endpoints affected.
Make sure to include any version number, bit-level, and service pack number. - Steps to reproduce the issue.
Required Information for Support
Before you contact Support, make sure to gather this required information:
- Enable advanced logs.
- From the management UI, change the Patch Management search frequency.
- Use the Force Sync tool to force a sync from the endpoint device.
- After some time, use the PSInfo tool to gather logs.
- Create a DPDTrace tool report.
- Enable Support Access to your WatchGuard Cloud account.
- Send this information to Support, if requested.