Login
    Contents x
    Patch Management
    • 14 Jul 2025
    • 6 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Patch Management

    • Updated on 14 Jul 2025
    • 6 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Description

    Patch Management in Netreo gives you the ability to update the operating systems (OS) of supported managed devices directly through Netreo, helping to make sure that your devices remain secure, up-to-date, and compliant with organizational policies. Updates are not an automatic process, however. The user must determine if an OS update is available for a device from the manufacturer. When an update becomes available, upload that update to Netreo to apply it as a patch to all applicable managed devices simultaneously.

    Supported Devices

    The following device types are supported for OS image updates via the Netreo Patch Management feature:

    • Alcatel OS6860
    • Aruba Wireless LAN Controller (WLC)
    • Check Point GAIA
    • Check Point Gaia Management Server
    • Cisco Aironet Controller
    • Cisco ASA Firewall (v7 and above)
    • Cisco CatOS Switch
    • Cisco Firewall
    • Cisco Firewall (Pix 7.x and higher)
    • Cisco IOS Router
    • Cisco IOS Router (Telnet)
    • Cisco IOS Switch
    • Cisco Identity Services Engine (ISE)
    • Cisco Nexus OS (NX-OS)
    • Cisco Small Business IOS Switch
    • Cisco Small Business IOS Switch (Telnet)
    • Dell PowerConnect Switch
    • Extreme Networks Switch
    • HP ProCurve Switch
    • Huawei Router
    • Huawei Switch
    • Juniper Router
    • Juniper SSL VPN
    • Juniper Switch
    • Juniper Virtual Chassis Ethernet Switch

    Enabling Patch Management in Netreo

    To use patch management, it must first be enabled in Netreo by using the Feature Toggle. After the main feature is activated, patch management must then be enabled on each of the managed devices you want to be able to update.

    Enabling Patch Management in Netreo

    To enable patch management in Netreo, perform the following steps:

    1. Log in to Netreo as a user with the SuperAdmin access level.
    2. From the main menu, navigate to Administration >> System >> Feature Toggle to open the Feature Toggle page.
    3. Click the Patch Management toggle to activate the feature.
    4. Click Save to apply the settings.

    After the Patch Management feature is enabled, Netreo might take up to 10 minutes to complete the initial configuration on the core appliance. After the core system has completed its setup, each attached service engine will begin its own configuration process.

    Enabling Patch Management on Managed Devices

    There are 2 options for enabling patch management on managed devices:

    • Bulk enablement for multiple devices on the Enable Patch Management page.
    • Individual enablement per device via a device's Device Administration page.

    After enabling patch management for devices, you will have to wait for the devices to perform a discovery poll before patch management data becomes viewable on the device. A new Discovery Poll is automatically scheduled when patch management is enabled for a device.

    Multiple Devices:

    1. Log in to Netreo as a user with the Admin access level or above.
    2. From the main menu, navigate to Administration >> Change Devices >> Turn On/Off Patch Management to open the Enable Patch Management page. (This page lists all managed devices for which patch management is applicable and shows their current patch management enablement setting.)
    3. Select the desired devices, then use the buttons below the selection table to select whether to turn patch management on or off for them.

    Individual Device:

    1. Log in to Netreo as a user with the Admin access level or above.
    2. Open the Device Administration page for the device and click the Show Advanced Options dropdown.
    3. Click the PATCH MANAGEMENT toggle to activate patch management for that device.
    4. Click Apply Changes.

    Using Patch Management

    After you have activated Netreo's patch management feature, you should determine if any of your devices are in need of updating. This generally consists of checking the OS image version of each applicable device and then checking the manufacturer's website to see if any updates are available.

    Use of Netreo's patch management feature generally involves several steps:

    1. Determining the OS image versions of your devices.
    2. Checking the manufacturer's websites to see if any updates are available.
    3. Downloading the updates, then uploading those files into Netreo.
    4. Patching the applicable devices.

    Determining Device Model and OS Version

    Netreo provides options for users of different access levels to determine the model and OS version for a managed device.

    Users with the Power User access level and above have access to the Patch Management page. This page shows a table of all patch-management-enabled managed devices in Netreo, with their model name, the name of their current OS image, and the date of their last update.

    Users with the User access level can only determine the model and OS version of individual managed devices through their Device Dashboard.

    Multiple Devices

    1. Log in to Netreo as a user with the Power User access level or above.
    2. From the main menu, navigate to Utilities >> Patch Management to open the Patch Management page.
    3. All patch-management-enabled managed devices are listed in the Devices table with their model names and OS image names.

    Click the managed device name to view the history of the last five jobs.

    Individual Device

    1. Log in to Netreo as a user with the User access level or above.
    2. Navigate to the Device Dashboard for the device you want to examine. On the left side of the Overview tab, below the HOST INFORMATION panel, is a new panel labeled PATCH MANAGEMENT INFORMATION.
    3. Open this panel to view the device model name and OS image name.
      • After patch management is enabled for a device, it might take several minutes for the device to repoll and retrieve the patch management data. The following images show the info panel before and after device repoll.

    Uploading an OS Image

    When a manufacturer releases an update to a device's OS image, upload that image to Netreo after downloading it from the manufacturer's website for use in patching the appropriate devices.

    To upload an OS image, perform the following steps:

    1. Log in to Netreo as a user with the Admin access level or above.
    2. From the main menu, navigate to Administration >> Tools >> Patch Management File Upload to open the OS Upload page.
    3. Select the device model name.
    4. Select the Netreo device type for the device.
    5. Click the Browse button and select the OS image file to upload.
    6. Click Upload OS. (After an OS file is uploaded, it is listed in the uploads table and shows the file name, upload date, and checksum.)

    When the table shows that the file has been successfully uploaded, the image is ready for use to patch applicable devices.

    Important

    Uploaded OS image files must:

    • Have no spaces in the file name.
    • Be a file with an extension of .bin, .img, or .iso.
    • Be smaller than 3GB in size.

    Applying an OS Patch

    After uploading an OS image to Netreo, you are ready to use it as a patch for applicable managed devices.

    In the Patch Management window, you can perform the following actions:

    • OS Patch - Patch the device OS, but do not reboot the device.
    • Reboot - Simply reboot the device without patching.
    • OS Patch and Reboot - Patch the device OS and reboot the device. (Patching a device OS takes roughly between 15-20 minutes.)

    Only one type of device can be patched at a time.

    To take any of the above actions, perform the following steps:

    1. Log in to Netreo as a user with the Power User access level or above.
    2. From the main menu, navigate to Utilities >> Patch Management to open the Patch Management page.
    3. To perform an action, select all the desired devices from the Devices list.
    4. Use the Actions  pull-down menu to select the desired action.
      • For the OS Patch and the Reboot actions, a simple confirmation window is displayed. Click Confirm.
      • For the OS Patch and Reboot action, an OS image confirmation window is displayed. Select the appropriate uploaded OS image and click Confirm.
    5. If the action is successful, a success message is shown. (Patching a device OS takes roughly between 15-20 minutes.)

    On the Devices table, click the name of a managed device to view its current job status.

    The Patch Management Jobs Report

    The Job Historical Log reports the history of patch management jobs, including patch failures with the reason for failure. This log is updated every 5 minutes to ensure up-to-date status tracking.

    To view the jobs report, perform the following steps:

    1. Log in to Netreo as a user with the User access level or above.
    2. From the main menu, navigate to Reports >> Built In.
    3. Select the Patch Management Jobs Report.
    Was this article helpful?
    What's Next
    PLATFORM
    WHY NETREO?
    SOLUTIONS BY INITIATIVE
    SOLUTIONS BY INDUSTRY
    SOLUTIONS BY JOB FUNCTION
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout