Ivanti EPM– new way of patch installation using EPM2020.1 SU1

Ivanti Endpoint Manager can install patches using Repair Task or Rollout Project. These methods are still valid, but a new way of patch installation, called „Patch Campaign”[1], is given.

EPM 2020.1 with Service Update 1 introduced this patch solution, but you should update EPM 2020.1 to SU3 or higher to use Patch Campaign.

You can check patch level at EPM console start screen:



If product version or patch level is too low, you must update EPM first:


Updated EPM version introduce a new item Patch Automation inside Security and Compliance tool.


You can find „Patch Campaign” here. Patch Automation is designed for patch testing and installing process. A scheduler is based on date relative to “Patch Tuesday”, most convenient for Windows Patch Management.

You can test patches using small set of pilot computers (to identify invalid patches), next test computers (more than pilot set, to catch relatively rare errors), and alas production set. Three steps in patching process is easy to implement using Patch Campaign, but you can create as many steps as you wish.

Ivanti maintains a dedicated for „Patch Tuesday” [2] blog, to inform you about Windows Patch Management every month.


A picture is a visual summary of month, but there is a description of common vulnerabilities and patches released below the picture.

Patch Campaign can make patching using Ivanti EPM easier.

Leave a Reply

Your email address will not be published. Required fields are marked *