Before enabling and configuring Auto-Remediation options, review the following notes that you may need to consider when performing remediation. This allows you to better understand how remediation functions.
- Always test patches in a test environment before deployment.
- By default, Microsoft updates are not enabled for automatic deployment. Manually approve each patch (as it is tested) or set all Microsoft updates as approved.
To uninstall software, a three-stage process is required in order to identify whether the selected application supports silent uninstall:
|Stage 1||Select the application to auto–uninstall.|
|Stage 2||Ensure that the application supports silent uninstall. Test this by trying to remotely uninstall the application. This is the validation process.|
|Stage 3||Setup a scheduled audit that will remove the unauthorized application. This is done automatically (using agents) or manually (agentless approach).|
Auto-remediation and uninstallation of unauthorized applications only work with scanning profiles that detect missing patches and/or installed applications.