1 of 1 people found this helpful
We have a complete solution for networks that have laptops that roam to different locations or that park and dock outside the office. For devices you can use the agent-based features provided by Shavlik Protect, which are implemented using Shavlik Protect Agent. With Shavlik Protect Agent you can be sure that these machines are scanned regularly, even if they are disconnected from your network.
Agent Quick Start Guide:
Please let us know if you have any questions on the agent-based solution.
The Shavlik Agent is exactly what you want.
There are "other" products that would enable a user to scan and patch their own machine, but they won't let you audit the state of these remote machines, and the end user would need to be a local administrator on that machine to install the patches.
With the Shavlik Agent "cloud" enabled, the remote machine can not only be scanned, patched and the results returned to your Shavlik Console, it will also pick-up changes to your Agent Policy(s) whenever it has internet access, so can always be sure it is compliant.
The Agent is free with all versions of Shavlik (Standard and Advanced).
By reading over the Agent Quick Start Guide, it looks like I could create a "distribution server" and set up a scheduled sync that would copy over any up to date definitions/patches from the console to the distribution server.
Say I have a user who is going to be on travel for 3 weeks and he/she utilizes many Java intensive apps on a regular basis. A new Java update is released while that person is on travel, and Java need to be updated to the latest verison. Can this employee, as a standard user without any admin privledges, open up the Shavlik Protect Agent, scan the laptop (via HTTP it looks like) and see what patches need to be installed? If there was 7 total patches that the user was missing, would it be possible to ONLY choose the Java update, or would they have to install all 7?
Correct, you do have the option to use a Distribution Server as a share for the agents or you can opt to have the agent download files directly from the internet. Both are viable options for the agent.
For the 'next question', the agent should be able to perform what you are describing with some configuration on the agent side. The non-admin user would be able to open the Agent GUI and initiate a scan with deployment. The scan would control what is scanned for and deployed so you could setup a scan only to look for java patches if you like. You can have multiple scans per agents in case you also need a scan for the remaining patches.
Please let us know if you have anymore questions.
We also have some very helpful videos on agents: