Install the Patchdeck Agent
Setting up your environment for patching with Patchdeck is quick and easy. You only need to install the right agent for your operating system and the system will automatically show up in your patch management dashboard.
In most setups you do not need to change any firewall rules since the Patchdeck agent only communicates via outbound HTTPS. As long as a system can reach the internet the agent will work. This is normally the case for client endpoints like an employee laptop or a desktop system and also most servers. If you want to manage endpoints that are in a subnet from which they cannot reach the internet you will have to adjust your firewall rules. In this case we recommend only allowing HTTPS traffic to this IP address of the Patchdeck backend: 220.127.116.11
To install the Patchdeck agent follow these steps:
Step 1: Generate the authentication information
All freshly installed agents securely connect to the Patchdeck console using two secret values: a client ID and a client secret. The client ID is automatically generated for you when you setup your account. You can find it at https://patchdeck.com/patch_management/authentication.
On the same site you find a button to generate a client secret:
Step 2: Download and install the agent
- Go to https://patchdeck.com/patch_management/agents
- Select whether you want to install the agent on a single endpoint or on multiple endpoints all at once
- For each operating system you will find ready-made command snippets if you want a quick install or detailed instructions for a manual install
Step 3: Check your systems
You can now head over to https://patchdeck.com/patch_management and see a list of all systems that are enrolled in your Patchdeck console. By clicking on the system entry you can see more details about the system and check which patches are currently missing.
Things to watch out for
If you are using an endpoint protection solution on Windows you may need to adjust the corresponding rulesets to allow the Patchdeck agent to run. On a standard Windows install that only uses the built-in Windows Defender as endpoint protection solution no changes should be necessary since we have been working together with Microsoft to ensure our agents work well alongside Defender.
If you are using SELinux or similar technologies you may need to adjust your policies before the Patchdeck agent can run.
Now that you have enrolled your systems you can start applying patches, configuring policies and generating reports.