All Topics » Pulse Policy Secure

SCCM - Automatic update & Remediation

Contributor (11)
Jan 1, 2012 4:37am


i've an 2x IC4500 & also SCCM agents installed into my corporate machines for patch management

i've heared that by version 4.1, we can integrate both for Patch Update & Remediation

my Q; is there any document describing the process & is there any licnese required to do that?


Contributor (11)
Correct Answer
Jan 2, 2012 11:26pm

Hi ,

patch management and patch remediation is integrated by default in IC from 4.1, page mamangement is to update the list of updated patches available from juniper patch managment server :

When we enable a host checker policy in IC for a updated patch check for a specific product in the enpoints, this policy will check for the updated patch and if the endpoint doesnot have the patch remediation come in to picture where SMS/SCCM Patch Deployment or Shavlik Patch Deployment can be used. you can Select a patch deployment method for Junos Pulse. For other clients, only SMS/SCCM patch deployment is supported.

Patch management and patch remediation comes with IC hostchecker feature which is available with the simulatenous end points license. There is no specific license for patch managment and patch remediation.

Patch management and patch remediation configurations steps are documented and availble in IN 4.1 admin guide.

please refer page 412/413:

Please revert for ay clarifications

Please mark this post as 'accepted solution' if this answers your question that way it might help others as well, a kudo would be a bonus thanks!!

    Contributor (11)
    Jan 3, 2012 12:24am


    Contributor (0)
    Sep 11, 2017 7:17pm
    I'm currently trying to research Patch Remediation for our environment.

    All the info here is old and goes back to the Juniper web site(s).

    Are there any good current documents about setting up Patch Remediation and how to set up the VPN device as well as any network configurations?

    I'm a little confused how the patch remediation happens if they're not connected to my enterprise environment.