Get Started with Patch Policy

Use the Patch Policy application to establish continuous patching across your enterprise. A patch policy is a set of criteria that defines a patch list; that is, a collection of Fixlets that meet the patching criteria of a specific set of endpoints. Create patching schedules for different groups of machines and assign different deployment behaviors to each. Set patch timing, frequency and duration, pre-caching and retry behavior. Stagger start times, bypass errors, and notify device owners when a restart is pending.

Implement a patching strategy that meets your organization’s patching cycles and security guidelines. Use patch policies to establish and maintain a process of continuous security and compliance for your organization. Patch Policies currently supports the sites listed under Supported Patch Sites.


  • BigFix Platform version 9.5.5 or above.
  • BigFix WebUI installed and running.
  • Subscriptions to all applicable BigFix patch sites.

From the BigFix Console, enable any patch sites that are relevant to your deployment and subscribe all computers to those sites.