I have received conflicting answers on this, from colleagues in VSA should I use Patch management? or Software management? or a combination of?
I need to get my patching moved over to VSA prior to my old Patching solution expiring..
We use only Software Management now personally, as Patch Management doesn't work very well at all with Windows 10. BUT, we set the workstations to use the newer setup GPO type of Windows Update to mandate when the updates happen and what gets patched and when to reboot, etc - but we have no visibility as to what is or isn't getting patched this way on workstations. For servers we use the traditional way of setting up Software Management.
The main reason we do this in this method is because the (Peer to Peer that is supposed to happen with SM - doesn't happen at all - and this means all the patches going to end points get pushed from the VSA - so the bandwidth either has to be carefully managed so patching goes on over an extended period of time thru several policies (READ - 250 endpoints and it would require nearly 25 policies to control timing, or more!). If all the patching kicks off at the same time using the regular method, even the heftiest of bandwidths gets sent to it's knees crying!
Like a lot of others, if we weren't tied to Kaseya via contracts we would seriously consider using other products to manage patching ... in fact the only thing that Kaseya does better (for what we use a lot) than anyone else is scripting automations ... Patch Management, Auditing, Remote Control, etc is all done better by other products.