You can access Patch Management activation settings from the Getting Started page or the Configuration page in ZENworks Control Center:
Getting Started page: Navigate to Security > Getting Started > Mitigating Vulnerabilities, and click the Activate Product link in the Enable Patch Management section.
Configuration page:Navigate to Configuration > Licenses panel > Product Licensing, and click the ZENworks 2020 Patch Management link.
The Product Activation panel enables management of your product license, as follows:
Evaluate/Activate Product:Either provide a valid product license key, or select Use Evaluation to use a temporary license for 60 days. If the evaluation period ends before you provide a valid license key, reference Trial Expired to understand Patch Management behavior after the expiration.
Designate as Production zone: This setting is only applicable if you have a license for Patch Management. You should have already configured this setting as part of the Patch Management migration or installation process by designating your zone as a production zone or a non-production zone (lab, demo, or test).
Activate the product on all devices in the zone: This option is displayed if the product is in Deactivated state and will be enabled if you select the Evaluate/Activate Product option.
If you select this option, the product is enabled on all the managed devices in the zone. You can disable the product or the ZENworks agent components at a later time, on selected managed devices at the device folder or the device level.
If you do not select this option, the product is not enabled across all the managed devices in the zone. You can enable the product or the ZENworks agent components on all devices or on specific devices at a later time, at the zone, device folder, or device level.
Patch Management offers the following licenses:
Table 4-1 Patch Management Licenses
|
License Type |
Description |
|---|---|
|
Trial |
Denotes trial access to all features of Patch Management for 60 days. |
|
Extended Trial |
Denotes continued access to some Patch Management features after the initial 60-day trial, up to 12 months since ZENworks service is installed. |
|
Valid |
Denotes a valid product license. |
|
Trial Expired |
Denotes that the initial 60-day trial period or the extended trial period has ended, depending on the license in use earlier. |
|
License Expired |
Denotes expiry of the current Patch Management license. |
|
Company Name |
Name of the company that Patch Management Service is registered to. |
|
Email Address |
E-mail address that you can use for receiving alerts and for future communications. |
|
Account ID |
Key created by the ZENworks Server, which is passed to the Patch Management Service and used to validate the update request. |
|
Total Non-Expired Licenses |
Total number of active licenses. Each registered device requires one license. |
|
Description |
The description of the license or the name of the license. |
|
Vendor |
The source where the license was purchased. |
Depending on the type of license you use, Patch Management functions are enabled as follows:
Trial: All Patch Management capabilities are free to use for 60-days. The 60-day evaluation period starts when you activate the product. If you are upgrading to the latest ZENworks version and are already using the Evaluation mode, the evaluation period will continue for the time remaining until it expires. You can view the expiration date on the main Configuration page > Product Licensing panel or in the Product Activation page.
Extended Trial: On any installation (new or old), you can request a 90-day evaluation key by filling out a form. The 90-day time period starts when the evaluation key is specified. During this license period, only Windows devices have Patch Management support. You can only download new patches released by Microsoft and run Vulnerability Detection for those patches. Patches that were cached previously will have their content cleared so you cannot deploy them. Other features disabled are patch caching, remediation, and generation of reports. In addition, a message appears, asking you to purchase a Patch Management license.
Valid: All Patch Management functions are available.
Trial Expired: After the trial ends, the Server will not download any new patches. All Patch Management functionalities are disabled and you will receive a message asking you to purchase a Patch Management license.
If ZENworks Configuration Management is not enabled, no new patch signatures or patch content is downloaded. Scanning and remediation using the existing patches will not be stopped, but nothing new will be added.
If ZENworks Configuration Management is enabled, ZENworks Patch Management continues to download Windows patch signatures so that scans of Windows devices take place and results are reported. However, the patch content cannot be downloaded, so no remediation can occur. This takes place for 1 year.
License Expired: After the license expires, the Server will not download any new patches. However, you can continue to use all Patch Management features on the patches downloaded prior to license expiration.
NOTE:During the evaluation period (keyed or key-less), ZENworks Patch Management is available for all platforms (Windows, Linux, Mac). Devices can be scanned, results reported, and devices patched.
Patch Management provides a 60-day free trial period. You do not need to enter a serial number unless you have purchased the product or the 60-day free trial has expired.
To continue using the Patch Management features of the ZENworks Control Center after your 60-day free trial has ended:
Enter a valid serial number for Patch Management.
Revalidate the serial number.
The license record is now valid, and displays serial number, status, expiration date, purchased for the License Record.
To validate the serial number and obtain the authorization to download patches, the Primary Server on which patch subscription is being downloaded must have port 443 (HTTPS) access to https://novell.patchlink.com/update, for ZENworks 2017 Update 3 and later, use https://download.novell.com/patchlink for license verification.
The Patch Management content distribution network is a global cache infrastructure with many servers. Downloading patches from this network requires port 80 (HTTP) access to http://novell.cdn.heatsoftware.com/novell/<release_version>.xml. The release_version is ZEN2020, ZEN2020U1. For security reasons, it is also recommended that SSL access to the Internet should be allowed. The SSL option is enabled by default and downloads the lists of patches from a secure and trusted site.
You should use nslookup to discover the local IP address for your nearest content distribution node. The content distribution network has over 40,000 cache distribution servers worldwide, plus multiple redundant cache servers in each geographic location. It is important to allow access to a range of addresses through the firewall.
The following table describes each field on the Serial Number page:
Table 4-2 Patch Management License Items
|
Item |
Definition |
|---|---|
|
Activate product |
Activates the patch management service. The Patch Management page is restored in the main panel and the Patch Management section is restored in the Configuration panel. |
|
Deactivate product |
Deactivates the patch management service. The Patch Management page is removed from the main panel and the Patch Management section is removed from the Configuration page. |
|
Product Serial Number |
Patch Management license number (serial number). |
|
Company Name |
Name of the company that Patch Service is registered to. |
|
Email Address |
E-mail address that you can use for receiving alerts and for future communications. |
|
Account ID |
Key created by the ZENworks Server, which is passed to the Patch Service and used to validate the update request. |
|
Total Non-Expired Licenses |
Total number of active licenses. Each registered device requires one license. |
|
Description |
The description of the license or the name of the license. |
|
Status |
Status of license verification. When verification begins, the status reads Initializing Verification. When replication ends, the status reads Completed. |
|
Vendor |
The source where the license was purchased. |
|
Expiration |
The date the licenses expire. Typically, licenses expire one calendar year from the date of purchase. |
|
Purchased |
The total number of licenses purchased with the product. |
After you enter the serial number, you can verify the license by clicking the Action drop-down list on the Patch Management License page and selecting Verify License.
To start the license verification process, click Apply. Automatic verification of the license happens every day with the replication process.
The Verify License message box indicates that the verification of the product license is complete or the license has expired.