Upgrade software - best practise

jameson
Contributor II

I just wondering what is the best practise on general software updates

Fx If new apple security updates are released ? Should admin´s do a manually download and deploy or is there any kind of more automated options for this ?

What about normal updates like acrobat reader, chrome, etc. Is it just using the patch management option in Jamf or is there better options ?. We as company wants updated forced out as soon they are there, as self service probably 98% of users will not use and do a manually update

1 REPLY 1

Tangentism
Contributor II

Im currently building out a solution that will use the patch management system, some external tools and a fair bit of scripting.

The final idea is something like this:

Autopkg: Download & package any updates of software catalogue usng JSSImporter to get them to the JSS
Patch Server to store definitions for our entire software catalog.

Then scripts Im writing will check that a patch management policy for that software title is the latest version, and if its in scope (we have alpha, beta and production channels) will change the version to the latest and automatically push it out.

For Apple updates, I use a caching server then run a 'check for Apple updates' periodically.