File name
patch_management_policy.xml |
Description
This file specifies the following information for patch management by Systemwalker Software Configuration Manager.
Classification levels for managing Windows patches
Classes for managing software patches
This file sets the classification levels for the updates provided by WSUS.
Classification levels classify the importance of a patch in terms of patch management by Systemwalker Software Configuration Manager, and can be specified as either "Required" or "Recommended" for each classification.
Required: A patch that must be applied uniformly to all servers according to the decision made by the infrastructure administrator
Recommended: A patch recommended for application by the infrastructure administrator that can be canceled by a tenant administrator or tenant user if they determine it will affect business activities
The following table shows the different types of classifications for WSUS, and the default classification level for each type.
Classification of updates | Classification level |
|---|---|
Security Updates | Required |
Critical Updates | Required |
Feature Packs | Recommended |
Service Packs | Recommended |
Tools | Recommended |
Drivers | Recommended |
Updates | Recommended |
Update Rollups | Recommended |
Definition Updates | Recommended |
For Fujitsu middleware, this file sets the classes according to the importance of the update files downloaded from the UpdateSite. For software other than Fujitsu middleware, this file sets the classes according to the importance of the patch information.
Classification levels classify the importance of a patch in terms of patch management by Systemwalker Software Configuration Manager, and can be specified as either "Required" or "Recommended" for each importance level of update files.
Required: A patch that must be applied uniformly to the target servers according to the decision that the infrastructure administrator has made
Recommended: A patch recommended for application by the infrastructure administrator that can be canceled by a tenant administrator or tenant user if they determine it will affect business activities
The default classes are as follows:
Importance Level of Patches | Classification level |
|---|---|
Important | Required |
Security | Required |
Recommended | Recommended |
File location
[Windows]
<Systemwalker Software Configuration Manager installation directory>\SWCFMGM\config |
[Linux]
/etc/opt/FJSVcfmgm/config |
File format
<?xml version="1.0" encoding="UTF-8"?>
<policies>
<RepositoryServer>
<WSUS>
<SecurityUpdate>
<entry key="applyLevel">[<Patch classification level>]</entry>
</SecurityUpdate>
<CriticalUpdate>
<entry key="applyLevel">[<Patch classification level>]</entry>
</CriticalUpdate>
<FeaturePack>
<entry key="applyLevel">[<Patch classification level>]</entry>
</FeaturePack>
<ServicePack>
<entry key="applyLevel">[<Patch classification level>]</entry>
</ServicePack>
<Tool>
<entry key="applyLevel">[<Patch classification level>]</entry>
</Tool>
<Driver>
<entry key="applyLevel">[<Patch classification level>]</entry>
</Driver>
<Update>
<entry key="applyLevel">[<Patch classification level>]</entry>
</Update>
<UpdateRollup>
<entry key="applyLevel">[<Patch classification level>]</entry>
</UpdateRollup>
<DefinitionUpdate>
<entry key="applyLevel">[<Patch classification level>]</entry>
</DefinitionUpdate>
</WSUS>
<CFMGServer/>
<FJMW>
<Security>
<entry key="applyLevel">[<Patch classification level>]</entry>
</Security>
<Important>
<entry key="applyLevel">[<Patch classification level>]</entry>
</Important>
< Recommended/>
<entry key="applyLevel">[<Patch classification level>]</entry>
</ Recommended>
</FJMW>
</CFMGServer></policies>Parameters
The contents of each tag and key are as follows:
Tag | Information contained | Value | Remarks | |
|---|---|---|---|---|
Policies | Policy | - | Required. | |
RepositoryServer | Repository server | - | Required. | |
WSUS | WSUS | - | Required. | |
SecurityUpdate | Security Updates | - | Required. | |
CriticalUpdate | Critical Updates | - | Required. | |
ServicePack | Service Packs | - | Required. | |
FeaturePack | Feature packs | - | Required. | |
Tool | Tools | - | Required. | |
Driver | Drivers | - | Required. | |
Update | Updates | - | Required. | |
UpdateRollup | Update Rollups | - | Required. | |
DefinitionUpdate | Definition Updates | - | Required. | |
CFMGManager | Systemwalker Software Configuration Manager admin server | - | Required. | |
FJMW | Software information | - | Required. | |
Security | "Security" patch | - | Required. | |
Important | "Important" patch | - | Required. | |
Recommended | Feature pack | - | Required. | |
Key | Meaning | Value | Default value | Remarks |
|---|---|---|---|---|
applyLevel | Specifies a classification level for a patch | 1: Required 2: Recommended | 2 |
Cautions
Use UTF-8 as the character encoding for the file.
Changes to the definition are applied next time Systemwalker Software Configuration Manager is started.
Example
<?xml version="1.0" encoding="UTF-8"?>
<policies>
<RepositoryServer>
<WSUS>
<SecurityUpdate>
<entry key="applyLevel">1</entry>
</SecurityUpdate>
<CriticalUpdate>
<entry key="applyLevel">1</entry>
</CriticalUpdate>
<FeaturePack>
<entry key="applyLevel">2</entry>
</FeaturePack>
<ServicePack>
<entry key="applyLevel">2</entry>
</ServicePack>
<Tool>
<entry key="applyLevel">2</entry>
</Tool>
<Driver>
<entry key="applyLevel">2</entry>
</Driver>
<Update>
<entry key="applyLevel">2</entry>
</Update>
<UpdateRollup>
<entry key="applyLevel">2</entry>
</UpdateRollup>
<DefinitionUpdate>
<entry key="applyLevel">2</entry>
</DefinitionUpdate>
</WSUS>
</RepositoryServer>
<CFMGManager/>
<FJMW>
<Security>
<entry key="applyLevel">1</entry>
</Security>
<Important>
<entry key="applyLevel">1</entry>
</Important>
<Recommended/>
<entry key="applyLevel">2</entry>
</Recommended>
</FJMW>
</CFMGManager>
</policies>