There are two items GFI LanGuard needs to scan and deploy patches:
- Patch/Update definitions and information
- Patch/Update installers
Patch/Update definitions and information includes the following:
- List of available patches/updates.
- How to determine if the product is missing the patch (scan information)
- Where to download the patch/update installer
GFI Software acquires this information from each vendor. For some of the products this information is provided and included in GFI LanGuard via automated processes so that it becomes available as soon as possible (All Microsoft patches and most other 3rd party vendors). Some other 3rd party patch/update data must be manually incorporated. This information is then published on the GFI LanGuard Content Delivery Network servers and is download by your GFI LanGuard installation via the Program Updates component.
Patch / Update installers
Information on the current location of patch installers is contained in the patch/update definitions information contained in the patch management database. When LanGuard scans a machine for missing patches and finds missing patches the patch information (Bulletin number, Title, etc.) and the URL of the patch installer is saved to the SQL Backend Database. The patch installer is then downloaded into the repository automatically either per the patch auto-download settings or when the remediation job runs.