Software Patches? Essential for Your Company’s Security!
If you don’t have a comprehensive solution for patching servers, desktops and virtual machines, you’re placing your company’s critical data at risk. Register for one (or all!) of our live webcasts and learn to secure your network.
Register today »
Matrix
How Does Quest Patch Authority Ultimate Compare to Windows Update Services 3?
When delivering software patches, which solution is more comprehensive? Flexible? Easy to use? Powerful? Review this comparison matrix and discover the right fit for your business.
Review the side-by-side comparison »
Comparison matrix
Which Patch Distribution Solution is Right for Your Business?
Both Patch Authority Ultimate and Desktop Authority deliver powerful, flexible patch distribution and deployment – but which one is the best fit for your company? Review this features comparison and see which best suits your needs.
Review the comparison »

Patch Manager (formerly ScriptLogic Patch Authority Ultimate)

Powerful, automated security patching for virtual and physical environments

Streamline security patch management with Quest® Workspace Patch Manager. Automate the tasks of identifying, downloading and applying the latest patches across physical and virtual desktops and servers. With Workspace Patch Manager software, organizations can:

  • Reduce the time and costs associated with patch management
  • Help ensure tight security by applying the most up-to-date patches across enterprise desktop and server environments
  • Quickly assess the state of security and easily demonstrate compliance with extensive reporting capabilities

Features

Breadth of Patching
Apply patches across desktops and servers for a range of Microsoft® applications and operating systems plus third-party applications from Adobe, Mozilla (Firefox), Apple, WinZip and more.

Extensive Automation
Automate the tasks of scanning installed software, downloading the latest patches and deploying those patches across numerous desktops and servers.  Do scans, downloads, patch deployments and agent installs simultaneously with the multitasking tool. Set policies for the time and frequency of automated processes. Create templates for managing groups of systems.

Physical and Virtual Machine Support
Scan and patch applications and operating systems running on both physical systems and virtual machines (VMs). Install patches on offline VMs in addition to online VMs to ensure that the network is protected when systems are powered on.

Advanced Reporting
Access more than 20 built-in reports on scan, patch and deployment status or create customized reports to provide executives and IT administrators with accurate information on the state of enterprise systems while enabling auditors to easily confirm compliance.

Easy-to-Use Interface
Initiate the patching process in as few as two clicks. For more granular control, leverage options for patch grouping, machine grouping, filtering, agent management, scheduling and reboot choices.

Compare Solutions:

Sys Reqs

Restrictions:

  • An NT File System (NTFS) is required on the console machine.
  • If you install the console on a domain controller that uses Lightweight Directory Access Protocol (LDAP) certificate authentication, you may need to configure the server to avoid conflict issues between the SSL certificate and the Quest Patch Authority® Ultimate program certificate. There is no easy way to configure this on a Windows Server® 2003-based domain controller and this combination is not recommended for use as a console.
  • If you install the console on two or more machines that share a database, all of the machines must have unique security identifiers (SIDs) in order to prevent user credential problems. Machines are likely to have the same SIDs if you make a copy of a virtual machine or if you ghost a machine.
 MinimumRecommendedHigh Performance
Processor2 processor cores, 2 GHz or faster4 processor cores, 2 GHz or faster (for 250-1,000 seat license)8 processor cores, 2 GHz or faster (for 1,000+ seat license)
Memory2 gigabyte (GB) of RAM4 GB of RAM (for 250-1,000 seat license)8 GB of RAM (for 1,000+ seat license)
Video1024 x 7681280 x 1024 

Disk space: 100 megabyte (MB) for the application—2 GB or more for the patch database.

Operating System (one of the following):

Note: Quest Workspace Patch Manager supports 32- and 64-bit versions of the listed operating systems for both console and target systems.

MinimumRecommended
  • Windows XP Professional, SP3 or later (SP2 or later if using 64-bit version)
  • Windows Vista®, SP1 or later, Business, Enterprise or Ultimate Edition
  • Windows® 7, Professional, Enterprise or Ultimate Edition
  • Windows Server 2003 Family, SP2 or later
  • Windows Server 2008 Family, excluding Server Core
  • Windows Server 2008 Family R2, excluding Server Core

Database:

Use of a Microsoft SQL Server® database (SQL Server 2005, SQL Server 2005 Express Edition, SQL Server 2008 or SQL Server 2008 R2 Express Edition) is required. If you do not have access to a SQL Server database, the option to install SQL Server 2008 R2 Express will be provided during the prerequisite software installation process.
Note: SQL Server 2000 is not supported for use as a back-end database.
Size: 1.5 GB

Prerequisite Software:

  • Windows Installer 4.5 or later (only required if installing SQL Server 2008 R2 Express SP1 during Quest Workspace Patch Manager installation)
  • Use of Microsoft SQL Server 2005, SQL Server 2005 Express Edition, SQL Server 2008, SQL Server 2008 Express Edition, SQL Server 2008 R2 or SQL Server 2008 R2 Express Edition SP1
  • Microsoft .NET Framework 4.0 or later
  • Microsoft .NET Framework 2.0 SP2
  • Windows PowerShell™ 2.0 or later
  • Windows Imaging Component

Windows Account Requirements:

In order to access the full capabilities of Quest Workspace Patch Manager, you must run it under an account with administrator privileges.

Configuration Requirements:

When performing an asset scan of the console machine, Windows Management Instrumentation (WMI) service must be enabled and the protocol allowed to the machine. In Windows Firewall, on Windows XP/Windows 2003 machines, the service is called Remote Administration; on Windows Vista/Windows 7/Windows Server 2008 machines, the service is called Windows Management Instrumentation (WMI)/Remote Administration.

Clients (agentless):

Browser:  Internet Explorer 5.5 or later is required to receive patch deployments.

Operating Systems (any of the following):

  • Windows 2000 Professional
  • Windows 2000 Server
  • Windows 2000 Advanced Server
  • Windows 2000 Datacenter Server
  • Windows 2000 Small Business Server
  • Windows XP Professional
  • Windows XP Tablet PC Edition
  • Windows XP Embedded
  • Windows Server 2003, Enterprise Edition
  • Windows Server 2003, Standard Edition
  • Windows Server 2003, Web Edition
  • Windows Server 2003 for Small Business Server
  • Windows Server 2003, Datacenter Edition
  • Windows Vista, Home Basic Edition
  • Windows Vista, Home Premium Edition
  • Windows Vista, Business Edition
  • Windows Vista, Enterprise Edition
  • Windows Vista, Ultimate Edition
  • Windows 7, Home Premium Edition
  • Windows 7, Professional Edition
  • Windows 7, Enterprise Edition
  • Windows 7, Ultimate Edition
  • Windows Server 2008, Standard
  • Windows Server 2008, Enterprise
  • Windows Server 2008, Datacenter
  • Windows Server 2008, Standard - Core
  • Windows Server 2008, Enterprise - Core
  • Windows Server 2008, Datacenter - Core
  • Windows Server 2008 R2, Standard
  • Windows Server 2008 R2, Enterprise
  • Windows Server 2008 R2, Datacenter
  • Windows Server 2008 R2, Standard - Core
  • Windows Server 2008 R2, Enterprise - Core
  • Windows Server 2008 R2, Datacenter - Core

Virtual Machines (offline images created by any of the following):

  • VMware ESX Server 3.0 or later
  • VMware ESXi 3.0 or later
  • VMware vCenter (formally VMware VirtualCenter) 2.0 or later
  • VMware Workstation 4.0 or later
  • VMware Player

Configuration Requirements:

  • Remote Registry service must be running.
  • Simple File Sharing must be turned off.
  • Server service must be running.
  • NetBIOS (tcp139) or Direct Host (tcp445) ports must be accessible.
  • When deploying patches on a Windows Vista (or later) operating system, the Windows Update service Startup type must be set to either Manual or Automatic.

Disk Space:

  • Free space equal to five times the size of the patches being deployed.

Supported Languages (for patch download):

  • Arabic, Chinese (Simplified), Chinese (Traditional), Czech, Danish, Dutch, English, Finnish, French, German, Greek, Hebrew, Hungarian, Italian, Japanese, Korean, Norwegian, Polish, Portuguese (Brazil), Portuguese (Portugal), Russian, Spanish, Swedish, Thai and Turkish

Clients (agent):

Note: An NTFS is required on agent machines.

Processor:

  • 500 MHz or faster CPU

Memory:

  • Minimum: 256 MB RAM
  • Recommended: 512 MB RAM or higher

Disk Space:

  • 30 MB for Quest Workspace Patch Manager client
  • 500 MB or more for patch repository

Operating Systems (any of the following):

  • Windows XP SP2 or later
  • Windows Vista Family
  • Windows 7 Family
  • Windows Server 2003 Family
  • Windows Server 2008 Family
  • Windows Server 2008 Family R2

Prerequisite Software:

  • MSXML 3.0 or later

Configuration Requirements:

  • Workstation service must be running.

Port Requirements:

These are the default port requirements. The port numbers are configurable.

Inbound Ports (Basic NAT Firewall)

 TCP 80TCP 135TCP 139 OR TCP 445TCP 3121TCP 4155TCP 5120TCP 443
Client System   
(For listening agents)		 
Console System       
Distribution Server

    

Outbound Ports (Highly Restricted Network Environment)

 TCP 80TCP 139 OR TCP 445TCP 3121 TCP 5120UDP 9
Client System
(For agents)
(For agents)

 

 

Console System

 
(For error reporting)
Distribution Server

      

Docs

 

Learn More

Related Products

Support for This Product