In this article, you will learn the things that are important to know when setting up automatic software installation or de-installation using GFI LanGuard features.
There are important notes that you may need to consider before enabling and configuring Auto-Remediation options and Patch Auto-Deployment. Studying them will help you to make informed decisions regarding deployment automation settings.
- Always test patches in a test environment before applying them to production systems. Windows patches may work well in isolation, but there is always a possibility for incompatibilities between a patch and other software.
- By default, Microsoft updates are not enabled for automatic deployment. Manually approve each patch (as it is tested) or set all Microsoft updates as approved, if you are making a weighted decision about it.
- When going the manual approval route, check the issues that Microsoft knows about for each patch.
- Keep up with news from third-party patch monitoring sites.
To uninstall software, a three-stage process is required in order to identify whether the selected application supports silent uninstall:
|Stage 1||Select the application to auto–uninstall.|
|Stage 2||Ensure that the application supports silent uninstall. Test this by trying to remotely uninstall the application. This is the validation process.|
|Stage 3||Setup a scheduled audit that will remove the unauthorized application. This is done automatically (using agents) or manually (agentless approach).|
Auto-remediation and uninstallation of unauthorized applications only work with scanning profiles that detect missing patches and/or installed applications.