A lot (that’s the easy answer). More than anyone else (also an easy answer). But if you are looking for a number, it gets a tad complicated. In this article, I’ll go into the ways you can count them so you can appreciate what you truly get in terms of coverage when considering the SVM Vendor Patch Module.
Note: as explained later in this article, the actual numbers fluctuate regularly due to daily changes that can affect such counts. The numbers used below were accurate as of 9/6/2019.
First, when speaking to patches, we can all agree that the goal is to provide out-of-the box patches that require no additional effort. We’ve got “over 1000” which at the time I write this translates to 1126 and growing. But how many products does that address is a more valuable question. Those 1126 patches apply to 428 unique products. That is probably the most conservative way to look at the list, while at the other end of the spectrum we can say (just as factually) that we provide valuable details on over 2,499 vendor software installers.
That is where the SVM Vendor Patch Module goes further by not limiting coverage to just those setups where we can provide everything necessary for an out-of-the-box patch. We’ve got an additional 1244 installers covered where something may be missing that prevented us from offering an out-of-the-box patch. It could mean we are missing the setup file, the detection logic, or a silent command line for a myriad of reasons:
It could mean the setup file itself is not publicly available. In some cases, vendors do not make their installers available for download without logging in as a paying customer. In such cases, a traditional patch catalog would omit the information and disqualify it as eligible for inclusion.
It could mean we don’t have sufficient detection logic. In some cases, we may not have a reliable file on which to base applicability rules as required by a WSUS patch. The download and silent command line information are still very clearly of high value, and so in these cases, we still provide them. Further, if the application is one that SVM can detect, we can leverage assessment data to dynamically offer applicability criteria unique to your environment.
It could mean we don’t have a silent command line. Vendors don’t always provide support for (and sometimes go out of their way to discourage) silent installation of their applications. In such cases, the awareness that the update exists, the ability to easily obtain it and how to detect when it is installed are still valuable, so we provide this information. However, it may be necessary to repackage such a product with AdminStudio in order to achieve a silent, customized deployment that is suitable for updating or patching it.
There are a couple of situations where products may be temporarily removed from our patch data. If virus and adware scanning were to fail for a vendor setup, we would not make it available. We are scanning with dozens of different scanners so there may be an occasional false positive that causes us to omit a product while we investigate. There may also be situations where we have all the data necessary to build a patch, but it has failed to pass our internal testing process for some reason and requires more attention. For example, it may not have run silently as expected, or it may have a dependency not present on our test machines.
Flexera has taken a unique approach to providing an unprecedented volume of patch details by not omitting third party software titles that do not satisfy all the criteria for an out-of-the-box patch. That is how, on top of over a thousand out-of-the-box patches, we take it further to offer help with over a thousand more. To be precise, 1126 complete patches and details on 1244 more. In total (complete and incomplete coverage), the patch data here applies to 827 software products across 383 software venders.
Now that we’ve established what we have, let’s talk about ways one can count it.
One title can have a lot of patches. For example, Firefox has dozens of languages and variants for which we offer patches, which essentially patches “Firefox”. Therefore, the number of patches apply to a much smaller number of products.
Some vendors provide a different setup for 32- and 64-bit architectures. And some provide distinct setups both based on language and architecture. For example, Autodesk Inventor has over 50 different setups for this reason.
We also have over 100 Mac patches (129 at this moment). For Mac, the value is all in the awareness of what has been released and the ability to easily obtain it as the challenge of determining silent command line parameters is not applicable to Mac systems. While SVM provides research and assessment for Mac patches, when it comes to patching, the patches are provided, but cannot be pushed the way they can for Windows systems. For these, you can download and distribute using whatever mechanism you have in place for manual Mac management. As a side note, it is possible to publish packages directly to Jamf Pro (formerly Casper) for deployment using AdminStudio.
The number of patches and details provided is impressive, but it is not the most important thing. What is likely of more significance is identifying just what applications we cover that you really care about. We’ve focused on enterprise applications to maximize value, and are not just creating patches for everything under the sun to impress you with big numbers. To provide that insight, we’ve set up a place where those interested in the SVM Vendor Patch Module may verify specific application coverage. Those entries marked with an asterisk are the ones that have an out-of-the-box patch, the others are those I’ve described above as somehow incomplete.
In SVM, you can view the full list of patches (but cannot build/publish them until licensed). They work the same way as SVM handles other patches, so the learning curve is almost nonexistent. For a firsthand look, see the demo in our recorded webinar presentation or watch this very short video below which offers a much briefer version of the same.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.