Redoing inefficient patch labels and patch schedules
We've been using our SMA for several years now, mainly for endpoint inventory and Microsoft patching. Years ago, we were a pure Windows 7 shop but we're now a mixture of 7/10 (300 and 300, so about a 50% split). More and more, we've just been seeing tons of handshake failures and slow patching overall and I'm pretty sure a lot of the labels/schedules we've been using probably aren't following best practices anymore and may actually be doing more harm than good. We do employ replication shares so we don't have all our sites bombarding the SMA directly, but I'd like to create some new patch labels/schedules and I'd love to get some feedback on what works for people. As an example, one of the original admins who brought KACE into the environment had a single patching label for Windows patches. This patch label by itself has almost 1600 patches in it using the criteria below:
Type - is not - Software Installer
Impact - is - Critical
Publisher - contains - Microsoft
Superseded - is - No
While that may have been fine back in the beginning, it's probably detrimental to have our endpoints evaluate that many patch signatures during detection phases. It seems to me that incorporating some additional criteria such as OS (now that we're using both 7/10) and maybe including some date restrictions (such as limiting my patch label to only include patches released within the last 60 days) might better improve this process.
Additionally, our patch schedules target endpoints by Site (IP ranges), but that's it. Schedules can have 100+ devices in them which may also be causing us issues. I'm wondering if creating more patch schedules but defining more specific elements such as not only Site, but also chassis type + operating system, would give me smaller more efficient groups.
I'd love to just get some feedback from others to see how patch-related labels and schedules are being constructed in your environments and how it works for you and your users.
Community Chosen Answer
At first I would suggest to go to 10.0 and then redo all of your labels.
With 10.0 a new patching mechanism was introduced which means it makes sense to start new with the knowledge you have now you can create more efficient labels and schedules.