SnaPatch – Patch Management Addon for SCCM

SnaPatch seamlessly integrates with your existing Microsoft SCCM environment, providing a robust solution for managing Windows patch deployments. By scheduling snapshots of your virtual machines before applying patches, SnaPatch ensures that you have a reliable recovery point, reducing the risk of patch failures. This automated approach simplifies the patch management process, allowing for pre-patch snapshots, controlled deployment, and automated snapshot deletion based on retention policies. SnaPatch enhances compliance monitoring with detailed reports and notifications, helping maintain system security and stability.

SnaPatch for SCCM Home

Snapshot Virtual Servers before deploying Windows Updates

SnaPatch integrates with your existing Microsoft SCCM environment to schedule a snapshot of your virtual machines prior to the deployment of WIndow’s patches.

T

Connect to your existing Microsoft SCCM environment

Access and interact with your SCCM environment – view collections and servers, along with detailed information including make, model, OS and serial numbers.

R

Patching compliance at a glance

Check the compliance level of each server from within each collection. See detailed information such as the number of updates missing for each class (ie. security, critical, service packs, etc.)

Snapshot your servers before deploying patches

Remove the risk of patching your virtual Windows fleet by automatically taking a snapshot before deploying any patches.

Patches are only deployed to servers that have had a successful snapshot performed. If the snapshot fails, then no updates are deployed to those servers.

r

Get Notified of your SnapShot Progress

Stay informed every step of the way. You may configure SnaPatch to inform you when a job starts, snapshots are complete, patching is finished and when snapshots are due to be deleted.

}

Automatically delete snapshots based on retention policy

You decide how long to keep snapshots before the system automatically deletes them, and even get reminder emails before it happens! You also have the option to exclude servers from the snapshot auto-delete policy.

Snapshot Servers Automatically prior to deploying Windows updates.

SnaPatch Overview

SnaPatch (now on Version 3.50.0) connects and interacts with Microsoft’s System Centre Configuration Manager  SCCM , VMware’s ESX and now also Microsoft’s HyperV. By bridging all of these platforms it allows us to remove the inherent risk associated with patching and updating servers. This is achieved by automatically taking snapshots of the virtual server prior to deploying any patches. This ability gives you a reliable and fast roll back if any of those updates cause an issue to your virtual machines.

SnaPatch also connects to your SCCM SQL database to pull vasts amount of information to provide you with the clearest and most up to date picture of your environment.

SCCM is a fantastic tool for deploying updates to your Windows fleet, however, it relies on companies and system administrators to have dedicated test environments to determine the possibility of a patch having a detrimental effect on any particular server or application. Even if the patch doesn’t cause any issues within a test environment, that doesn’t necessarily mean it won’t cause an issue in production. The safest and easiest way to remove this risk is to take a snapshot of the virtual server before deploying updates.

However, this is quite a time consuming and arduous task. It requires timing and dedicated resources typically working late at night. It also means having to keep track of any snapshots and ensuring they are deleted, which often doesn’t happen.

SnaPatch removes all of these issues. Everything is automated and scheduled, and runs according to your preferences. Below is a quick walk through of the steps to create a patch schedule.)

Download a trial of Snapatch today

To trial SnaPatch, fill in the form below to get access to download the trial software.


.


 

FREE DOWNLOAD

Send download link to:

I confirm that I have read and agree to the End User License Agreement.

SnaPatch – Key Features

View collections and members

SnaPatch reads and lists all the collections within SCCM. It also shows you the members of each collection.

Easy to set up and configure

SnaPatch has been designed with one thing in mind, keeping it simple and easy. Be up and running in less than 30 minutes.

View patching compliance

Quickly see the patching compliance for each individual server. It shows you the break down of how many patches are missing, and what those missing patches consist of (i.e. critical, rollups, service packs, etc.)

Easily differentiate between physical and virtual machines

The main window of SnaPatch allows you to very easily differentiate which machine is physical and which is virtual.

Create Software Update Groups

Select the updates you wish to deploy and create a Software Update Group without needing to use the Configuration Manager console.

Take a snapshot of a virtual server before deploying any patches

Take a snapshot of the servers you’ve selected to patch before any patches are installed.

View detailed information for every update

Search and filter updates based on operating system and classification. Also view detailed information for every update, such as article ID, hotfix link and whether or not it’s been deployed, superseded or expired.

Search for a server and lists its memberships

Searching for a server or computer will return a list of all the collections that machine is a member of.

The dashboard keeps you up to date on every task

Launch the dashboard to see what’s happening at that very moment. Instantly know what task is being run on each server.

Set a schedule to perform all the tasks

Select the servers you want to patch and set a schedule. The system will then go off and snapshot the servers and deploy the patches you’ve selected all according the schedule.

Create a maintenance window

Set a maintenance window as part of the schedule to determine when the patches can be installed.

Easily manage scheduled jobs

The scheduled jobs window allows you to manage all your jobs. Start, stop, delete and see which servers are part of a scheduled job.

Deploy patches to both physical and virtual servers

SnaPatch allows you to deploy updates not only to virtual servers but also to physical. Of course however you don’t have the option to snapshot physical servers before deploying updates.

Get email notifications to keep you informed

Select optional email notifications to keep you informed every step of the way. You can set it to email you when a job starts, when snapshots have been completed and when patching is completed – along with the outcome of the installation.

Keep track of and automatically delete snapshots

Enabling this option lets you determine how long snapshots should be retained before they are automatically deleted.

Receive emails before snapshots are deleted

Receive an email a set number of days before any snapshot is deleted. This way you will know well ahead of time before any snapshot is deleted.

Exclude servers from the snapshot auto-delete policy

If you have sensitive servers that you want to exclude from the snapshot auto-delete policy you can easily do that too.

Include virtual machine memory as part of the snapshot

Choosing to include the VM memory as part of the snapshot will increase the time it takes to perform the snapshot but also allows you to return to active (running) point in time. This is optional as it is not always necessary to return to a previously running instance.

Scan for desktops and laptops as well as servers

The system allows you to include desktops and laptops as part of the scan. You may view detailed information for every device in your environment – including make, model, serial number, operating system and patching compliance.

Create computer groups

Create your own computer groups to re-use and deploy patches quickly.

Run Pre and Post Scripts

You can run your Pre and Post scripts now against your virtual machines.

SnaPatch Main Window

SnaPatch’s main window offers a comprehensive, user-friendly interface that simplifies patch management. The Actions section includes a dashboard, scheduled jobs, and Windows updates, while the Settings section provides configurations for SQL/Database, VMware, Config Manager, Service Account, Email, Notifications, and General settings. The Administration section includes Help, Licensing, Contact, and About options, ensuring a seamless experience for managing your patching needs within SCCM.

SnaPatch Dashboard

The SnaPatch dashboard provides a detailed overview of recent and active tasks, showcasing the status of updates, start and completion times, and snapshot states. It features a history of tasks for tracking patching activities and offers visual insights into the snapshot and patching success rates through pie charts. The dashboard also highlights the number of active and scheduled jobs, ensuring that administrators have a clear and concise view of the patching process and system health. This interface simplifies the management and monitoring of patch deployments within your SCCM environment.

Windows Update Selection

The update selection window in SnaPatch allows you to choose operating systems and update categories, including critical updates, update rollups, service packs, security updates, and general updates. Users can apply filters, create update groups, and deploy existing update groups. It also provides detailed information about each update, such as bulletin ID, severity, hotfix link, update class, compliance percentage, and deployment status. This interface ensures comprehensive control and visibility over the updates being managed, helping maintain system compliance and security efficiently.

Schedule Windows Update Deployments

The SnaPatch scheduled jobs window provides an overview of all scheduled and completed patching tasks. It lists task names, the computers in the target list, next run times, last run times, and the current status of each job. Users can easily view, edit, delete, enable/disable jobs, and run jobs immediately. The interface also includes options to refresh the list and find specific computers, streamlining the management of patching schedules and ensuring all systems are updated as per the defined policies.

SnaPatch FAQ

Q – What are the requirements for SnaPatch?

SnaPatch requires that you have SCCM 2012 R2, at least one vCenter running 5.0 (or above) or SCVMM and a SQL server containing the SCCM database. The SQL instance may reside on the same server as the SCCM server or on a remote SQL server. As for hardware and OS, SnaPatch needs very little, 2 vCPU, 4GB RAM and 10GB free space. It will run on Server 2008R2 SP1 (SP1 is a requirement for 2008R2), Server 2012 or Server 2012R2, 2016.

Q – What permissions are required for SnaPatch to function?

You must have local administrator access on the server to run SnaPatch. It also requires that the powershell execution policies for both x64 and x86 are set to “remotesigned”. As SnaPatch communicates and interacts with SCCM, VMware, SQL, HyperV and remote computers, you must provide accounts that have the relevant level of permissions to perform certain functions. Details around these requirements can be found under the support pages.

Q – Some of my servers don’t show an image or the image isn’t correct

We have tried to provide an image for as many servers and computers as we could, however it’s impossible to cover them all. If you have a machine that is not showing an image or the image is incorrect, please let us know the make and model and we will gladly add it to the image database as part of the next release.

Q – Does SnaPatch require an agent to be deployed?

No, SnaPatch does not use any agents. It communicates using the .NET framework, custom PowerShell code, WMI and SQL queries.

Q – Can SnaPatch deploy patches to physical servers?

Absolutely! You may deploy patches to physical servers just same as virtual servers, of course however, snapshots will not be taken.

Q – How does licensing work?

SnaPatch is licensed based on the number of servers within your SCCM database. For example, if you purchase a 250 server license but have more than 250 servers in your environment, SnaPatch will only display the first 250.

Q – Can I upgrade my license to cover more servers?

Certainly, just send us an email with your current details and what license level you would like to upgrade to and we will help you out.

Download a trial of Snapatch today

To trial SnaPatch, fill in the form below to get access to download the trial software.


.


 

FREE DOWNLOAD

Send download link to:

I confirm that I have read and agree to the End User License Agreement.

Snapshotting your servers prior to Deploying Updates doesnt have to be hard.

With SnaPatch, you can automate the entire process, ensuring a reliable recovery point and a smooth patching experience.

SnaPatch Deployment Overview

SnaPatch: "Automate Your Updates, Secure Your Servers!"