Reports for patch management
Patch management in GoTo Resolve MDM helps organizations run their devices securely and smoothly. Effective patch management requires proper reports giving a comprehensive understanding of the patching status. Dashboards and other patch reports in GoTo Resolve MDM give the administrator the needed insight to manage patches in the organization's environment.
GoTo Resolve MDM automatically maintains a list of available patches and updates for Windows, macOS, and third-party software. Using this list, GoTo Resolve MDM scans the patching status of all managed Mac and Windows devices enrolled to GoTo Resolve MDM. This article describes how to use GoTo Resolve MDM's easy-to-understand reports for better patch management.
Checking available patches and patch details
You can find all supported patches and software updates on the tab in GoTo Resolve MDM. The list provides important information on the latest updates for the operating systems and applications. Filter the list, for example, with device platform, release date, or the severity of the update.
A more detailed report about each patch is available if you go to the Patches tab and double-click the patch title or the arrow icon at the end of the row. The Patch page that opens provides you with useful information about the update and helps to make decisions regarding the installation of the patch.
The Bulletin ID identifies the patch and helps you to find more detailed information about the update. On Windows-related patches, the Bulletin ID is a link to an external web page.
The Related products table shows to which products the patch applies. You can use the Show only detected products checkbox to filter the table contents to show only the products that GoTo Resolve MDM has detected on your managed devices.
The Installations per device widget gives practical information by showing if the patch is applicable to the devices and its installation status in the environment.
Checking the overall patching status of the environment
The dashboards () are an important part of patch reports providing you with the overall view of the environment's patching status. You can analyze the status of the managed devices either from Windows- or macOS-specific dashboards.
Windows or macOS patch status overview
The widget shows how many Windows or macOS devices you have with different patching statuses. You can open a list of the included devices by clicking on the widget segments. The patching statuses are the following:
- Up-to-date: The device has all applicable patches installed.
- Critical: GoTo Resolve MDM has identified at least one missing critical patch on the device.
- Vulnerable: The device has all critical patches installed but it is missing at least one patch with lesser severity (Important or Moderate).
- Unknown: The device is in the scope of patch management, but there is no information about its patching status.
Patch status per device
Each square in the widget represents one managed device in your environment. The color indicates the patching status of the device. You can click on a square to open the device details.
Overall patching status
This widget shows the overall patching status of Windows and Mac devices on the site. The overall status is Critical if any device is missing a critical patch. Overall status Vulnerable means that the devices have all critical patches installed, but some of the devices are missing a patch with lesser severity. Excellent means that all managed devices are fully patched.
Patch deployments within 14 days
The widget shows the number of patch deployments within the last two weeks.
Released patches for Windows or macOS devices
This widget shows the total number of released patches during the selected timeframe.
The Show report link in the upper corner takes you to the Patches page, where you can see the patches that apply to your devices.
macOS or Windows versions
The widget shows what OS versions the managed devices on the site have helping you to evaluate the importance of available patches and updates.
Viewing the patching status of a single Windows or Mac device
You can analyze the patching status of a single device with the report at . You can filter the report with columns like Patch status or Not installed critical patches.
You can open a device for closer analysis by double-clicking the row or by clicking the arrow at the end of the row.
On the Patches tab of the Device page, clicking the Patch status of a product opens the list that shows related patches and the installation status on the device.
You can also find information about patching from the Action log tab on the device. Hover the mouse pointer over the Completed or Failed text to see further details.
The patch reports help you to define the patching process further. Read on how you can set the patch installation rules for Mac and Windows devices.