Patch Management Requirements

Applies To: WatchGuard Patch Management This topic applies to the WatchGuard endpoint security module, Patch Management. Patch Management is available with WatchGuard EPDR, WatchGuard EDR, and WatchGuard EPP.

These products support the installation of WatchGuard Patch Management:

• WatchGuard Endpoint Protection Platform (EPP)
• WatchGuard Endpoint Detection and Response (EDR)
• WatchGuard Endpoint Protection Detection and Response (EPDR)
• WatchGuard Advanced EPDR

WatchGuard EDR Core does not support modules. We recommend that you upgrade to WatchGuard EPDR.

Hardware Requirements

• Processor — Pentium 1 GHz
• RAM — 1 GB
• Disk Free Space — 650 MB

Supported Operating Systems

Patch Management supports Windows, macOS, and Linux operating systems. Patch Management is partially compatible with Windows ARM systems. In ARM systems, for third-party applications, Patch Management detects 32-bit and 64-bit patches, but can only install 32-bit patches. Patch Management does not detect operating system patches in ARM-based chips.

Linux and macOS patches cannot be uninstalled.

Windows

Workstations

• Windows 7 (32 and 64-bit)
• Windows 8 (32 and 64-bit)
• Windows 8.1 (32 and 64-bit)
• Windows 10 (32 and 64-bit)
• Windows 11 (64-bit)

Servers

• Windows 2008 (32 and 64-bit) and 2008 R2
• Windows Small Business Server 2011, 2012
• Windows Server 2012 R2
• Windows Server 2016
• Windows Server Core 2008, 2008 R2, 2012 R2, and 2016
• Windows Server 2022

Patch Management does not support the Windows Extended Security Update Feature in Windows Server 2012 and higher.

macOS

• macOS Catalina 10.15
• macOS Big Sur 11
• macOS Monterey 12
• macOS Ventura 13
• macOS Sonoma 14

To install operating system patches on these computers, the computer user must enter their credentials. The user has three attempts to enter valid credentials. After the patch is installed, the computer restarts automatically. If the installation task includes other patches that do not require credentials, they install normally.

Linux

Supported 64-bit distributions:

• Red Hat: 7.x, 8.x
• CentOS: 7.x
• SUSE Linux Enterprise: 12, 15

Required URLs

These URLs are required to download the knowledge files of Patch Management:

• https://*.ivanti.com
• https://license.shavlik.com

For a list of URLs required to download catalog content and patches, go to this Ivanti Knowledge Base article (external link).

Unsupported Computers

On computers not compatible with Patch Management:

• Patch Management does not install.
• Computers keep the Patch Management settings profiles and tasks assigned to them, but they are not applied.
• The Available patches list does not show information about these computers or about the status of the patches installed.
• These computers do not count toward the number of Patch Management licenses used.
• The installation history reports previous installations of Patch Management as Not available.

Related Topics

URLs Used by WatchGuard Endpoint Security (KB Article) (external link)

Supported Third-Party Applications (external link)

Designate a Cache Computer (Windows computers)

Configure Patch Management Security Settings

Install Patches