Ubuntu OS

From Notes_Wiki
Revision as of 13:04, 2 July 2025 by Ansil (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Home > ManageEngine Endpoint Central > OS Patch Management > Ubuntu OS


Patch Management Using Endpoint Central – Ubuntu

Description

This page explains how to perform patch management on Ubuntu machines using **ManageEngine Endpoint Central (EPC)**. It covers agent installation, patch scanning, deployment, and system preparation.

Endpoint Central supports patching for multiple Linux distributions, including various versions of Ubuntu. After installing the Linux agent, Endpoint Central can automatically detect missing security and non-security updates, allowing you to push patches remotely.

Supported Ubuntu Versions

Endpoint Central supports the following Ubuntu versions:

  • Ubuntu 20.04 LTS
  • Ubuntu 22.04 LTS
  • Ubuntu 24.04 LTS

> ⚠️ Ensure your Ubuntu systems are 64-bit and have internet or repository access for patch management to work correctly.

1. Preparing the Ubuntu Machine

  1. Create a virtual or physical Ubuntu machine.
  2. Install the CA certificate if secure communication with EPC is required.
  3. Allow the EPC server through your firewall (e.g., Palo Alto) with **full internet access**.
  4. Ensure the machine's time and hostname are correct.

2. Installing the Endpoint Central Agent

Step 1: Download the Agent

In the Endpoint Central web console: Go to: Agent → Computers → Download Agent → Linux → AMD → Download Agent

Step 2: Install the Agent

Run the following steps on the Ubuntu machine:

  1. Unzip the downloaded agent file:
unzip -e <agent_name>.zip
  1. Make the agent file executable:
chmod +x <UEMS_filename>
  1. Run the installer:
./<UEMS_filename>

Step 3: Verify Agent Installation

  • Go to Agent → Computers in the EPC console.
  • The Ubuntu machine should appear in the list with the status "Installed".

3. Patch Settings in Endpoint Central

Step 1: Enable Patch Database Sync

Go to: Admin → Patch Settings → Patch Database Settings

  • Under Linux Patches, enable:
 * Security Updates
 * Non-Security Updates
  • Click Save

Step 2: Configure Proxy Settings (Optional)

Go to: Admin → Server Settings → Proxy Server

  • Click Edit
  • Select: Direct Connection to the Internet (or configure a proxy)
  • Click Save

4. Scanning and Pushing Patches

Step 1: Scan for Missing Patches

Go to: Threats & Patches → Scan Systems

  • Select the Ubuntu machine(s)
  • Click Scan Now

Step 2: View Missing Patches

Go to: Threats & Patches → By Patches → Missing Patches

  • Review the list of missing patches
  • Example: If you need to push a patch for vim-common, select it

Step 3: Install / Publish Patches

  1. Select the required patch(es)
  2. Click Install / Publish Patches
  3. Set Deployment Time: Deploy Anytime at the Earliest
  4. Choose the target machine(s)
  5. Click Deploy Immediately

5. Monitoring Patch Status

You can monitor patch deployment and scan status from:

  • Threats & Patches → Deployment Status
  • Reports → Patch Reports → Linux Patch Summary

Notes

  • Ensure your Ubuntu systems have access to the official APT repositories.
  • Scheduled scans and patch deployments can be configured using Deployment Policies.
  • Reboot options can be set within deployment settings (if required).

Home > ManageEngine Endpoint Central > OS Patch Management > Ubuntu OS

Retrieved from "http://www.sbarjatiya.com/notes_wiki/index.php?title=Ubuntu_OS&oldid=9000"