Add systems to patch management

Setting your environment up for patching via Patchdeck is quick and easy. You only need to install the right agent for your operating system and the system will automatically show up in your patch management dashboard.

All Patchdeck agents can be installed via the command line which makes it easy to script the installation process via PowerShell/bash or provisioning tools like Ansible or Terraform.

In most setups you do not need to change any firewall rules since the Patchdeck agent only communicates via outbound HTTPS. As long as a system can reach the internet the agent will work. This is normally the case for client endpoints like employee laptop or desktop system and also most servers. If you want to manage endpoints that are in a subnet from which they cannot reach the internet you will have to adjust your firewall rules. In this case we recommend only allowing HTTPS traffic to this IP address of the Patchdeck backend: 54.205.35.163

To install the Patchdeck agent follow these steps:

Step 1: Generate the authentication information

All agents securely connect to the Patchdeck console using two secret values: a client ID and a client secret. The client ID is automatically generated for you when you setup your account. You can find it at https://patchdeck.com/patch_management/authentication

On the same site you find a button to generate a client secret:

Step 2: Download the agent

  1. Go to https://patchdeck.com/patch_management/agents
  2. Download the agent for Windows, Linux or Mac

Step 3: Install the agent

Windows

  1. Open a Powershell console as an administrator
  2. Create a directory for the Patchdeck agent (e.g. C:/Program Files/PatchdeckAgent)
  3. Extract the downloaded file "PatchdeckWindowsAgent.zip" into the directory.
  4. Change into the extracted directory and run the following command: .\PatchdeckWindowsAgent -install CLIENT_ID CLIENT_SECRET
  5. Thats all! The system will now show up in your dashboard at https://patchdeck.com/patch_management

If you are using an endpoint protection solution you may need to adjust the corresponding rulesets to allow the Patchdeck agent to run. On standard Windows installs that only use the built-in Windows Defender as endpoint protection solution no changes should be necessary since we have been working together with Microsoft to ensure our agents work well alongside Defender.

Linux

  1. Open a terminal console
  2. Extract the downloaded file "patchdeck-linux-agent.zip" to a directory that is only writable by the root user (we recommend /opt/patchdeck-agent): sudo unzip patchdeck-linux-agent -d /opt/patchdeck-agent
  3. Change into the extracted directory and run the following command : sudo ./patchdeck-agent -install CLIENT_ID CLIENT_SECRET
  4. Thats all! The system will now show up in your dashboard at https://patchdeck.com/patch_management

Please note that if you are using SELinux or similar technologies you may need to adjust your policies before the Patchdeck agent can run.

Mac

  1. Open a terminal console
  2. Create the directory ~/opt/patchdeck-agent and extract the downloaded file "patchdeck-mac-agent.zip" to this directory: unzip patchdeck-mac-agent -d ~/opt/patchdeck-agent
  3. Change into the extracted directory and run the following command : sudo ./patchdeck-agent -install CLIENT_ID CLIENT_SECRET
  4. Thats all! The system will now show up in your dashboard at https://patchdeck.com/patch_management

Step 4: Check your systems

You can now head over to https://patchdeck.com/patch_management and see a list of all systems that are enrolled in your Patchdeck console. By clicking on the system entry you can see more details about the system and check which patches are currently missing.

Next steps

Now that you have enrolled your systems you can start applying patches, configuring policies and generating reports.

Still need help? Contact Us Contact Us