# Setup Wizard The wizard walks you through automatic deployment of patch remediation for each patch vulnerability level (Critical, High, Medium, and Low). **Welcome** - Use the guided setup to configure to meet the needs of your organization. See [Welcome to Patch Express](#welcome-to-patch-express). **Integrations** - Integrate a partner product with Patch Express. See [Enable Vulnerability Detection](#enable-vulnerability-detection). **Enablement** - Enable automatic deployment of patch remediation for the specified vulnerability level. See [Use Copy From](#use-copy-from). **Remediation Schedule** - Schedule automatic remediation of the specified patch vulnerability level. See [Select a Remediation Schedule](#select-a-remediation-schedule). **Detection Integrations** - Enable detection integrations for the specified patch vulnerability level. See [Detection Integrations](#detection-integrations). **Patch Pre-staging** - Enable content pre-staging to download all patches to applicable and licensed devices prior to deployment. See [Enable Patch Pre-staging](#enable-patch-pre-staging). **Deployment Notifications** - Notify administrators about the specified patch deployment. See [Configure Deployment Notifications](#configure-deployment-notifications). **Approval** - Setup approval before deploying the specified patch vulnerability level patches. See [Configure Deployment Approval](#configure-deployment-approval). **Test Deployment** - Deploy the specified patch vulnerability level patches to a test group before production deployment. See [Configure Test Deployment](#configure-test-deployment). **Test Approval** - Setup approval before deploying the specified patch vulnerability level patches to test devices. See [Configure Test Approval](#configure-test-approval). **Complete** - Complete the OneSite Patch Express Setup process and save the settings to the server. See [Complete](#complete) . ## Welcome to Patch Express You may choose to walk through the guided process immediately to start and configure auto-remediation, or cancel the wizard and come back to it later. To prevent the wizard from starting automatically, select **Don't show again**. Select **Begin** to get started. Your first step is [Integrations](#detection-integrations). ![](/files/B6AaVtWgayrhSGxqhCbu) ## Integrations The Integrations page allows you to configure a partner product to work with OneSite Patch. To integrate a partner product, you must have a valid license for the partner product. This is in addition to the base license for OneSite Patch. Without a valid license installed, the integration pane has no options for integration. If you do not have a license for your partner product, contact [Adaptiva Customer Support](https://adaptiva.com/support). ### Integrate a Partner Product 1. On the Integrations page enable your partner product integration. * If you have licensed a partner product in Patch Express, you will see it listed here. * If you do not use a partner product, skip to [Enablement](#enable-vulnerability-detection). ![](/files/2MGXf3UP4wNGxToWglhi) 2. Select the ***\[Partner Product]*** toggle to enable or disable (default) integration of your partner product. * With the product enabled, the Steps of the left navigation menu include a new item related to product integration. ![](/files/NqSjbDtT1pZKA9g6Eo7o) 3. Select **Next** to enter the partner product integration details. If you do not have these details, see [Partner Integrations for OneSite Patch](/patch/integrations/integration-partners.md). to create or find them. ![](/files/zllOgBMgiTxozWyCe4nD) 4. Select **Save** above the partner access settings to save the integration details. ![](/files/2Ez5QjAVYluidftyL07k) 5. Select **Next** on the bottom right corner of the **Patch Express Setup Wizard** to enable auto remediation. ![](/files/vNbVHOxXpyqji83QzWk8) ## Use Copy From When you have completed at least one configuration for a remediation level, you can easily create new levels using the same details, and then customize only those details that might be different, such as Business Unit or approval roles. To copy a patch vulnerability level, complete the following steps on the [Enablement](#enable-vulnerability-detection) tab: ![](/files/t5j70u89sQBJ4cgOn1l3) 1. Use one of the following methods to select the Patch severity level that you want to configure or change: ![](/files/s2MiSDKTiyDtmgelGl4Q) * If enabled, click the patch severity level from the Steps menu on the left navigation pane of the Patch Express Setup. The example uses High Patches * Otherwise, click **No** to cycle to through the remaining patch severity levels. > **Tip** > > Selecting No to cycle through each patch severity level in the wizard without configuring them enables each selection in the Steps menu for easier navigation between levels. 2. Select **Copy From**, and then select a **patch severity level** to copy. The example begins with High level patch remediation, so the available levels available to select are as follows: * **Copy Auto Remediation Level Low** * **Copy Auto Remediation Level Medium** * **Copy Auto Remediation Level Critical** 3. Select OK to return to the **Enablement** tab. The remediation level you started with now uses the same settings as the level you copied. ![](/files/v0JD7NHKiXKW4hOBTSFJ) 4. To make any changes to the applied settings, click **OK**, and then select the patch severity level you started with, in this case High Patches. a. Select **Yes** to begin cycling through the applied settings. b. Verify that the applied settings used the correct Remediation, Detection, Patch Pre-staging, Production Deployment and Approvals, and Test Deployment and Approvals. c. Make any modifications necessary to reflect the needs of your environment for the selected patch severity level. 5. Select **Complete** on the left navigation menu, and then click **Finish** to save your changes. 6. Repeat this procedure or cycle through the [Enablement](#enable-vulnerability-detection) process to configure other severity level patch deployments. ## Select a Remediation Schedule 1. Select **Browse** to open the **Add Schedules** dialog. ![](/files/qoeJmQ00DOZur63kPreR) 2. Select a **Schedule** to add, and then select **Add Schedules** on the bottom-left corner to return to the **Remediation Schedule** step. You may add only one schedule to a remediation at a time. ![](/files/1PNZKbKPRbeTJ3quSzhI) 3. Select **Next** to go to the [**Detection Integrations**](#enable-vulnerability-detection) step. ![](/files/5XbGI8QX21hKQz5M35fl) ## Enable Vulnerability Detection Choose whether to use Adaptiva, a partner product, or both to detect vulnerabilities for patches. 1. Select the **Adaptiva** or **Product Partner** toggle to enable or disable one or more of the available Detection Integrations. You must enable at least one. ![](/files/ozMOjzSZDNHWAUrA1WRJ) 2. Select **Next** to [prestage patch content](#enable-patch-pre-staging). ## Enable Patch Pre-staging When you pre-stage patches, downloads the matching severity level patches to all licensed devices prior to deployment. This accelerates rollout time during deployment. Choose whether to pre-stage patches: * Select **Yes** to to enable patch pre-staging. This takes you to [Configure Deployment Notifications](#configure-deployment-notifications). * Select **No** to skip patch pre-staging. This takes you to [patch approvals](#configure-deployment-approval) (no deployment notification required). * There is no need to click Next from this tab. If you do click Next, it takes you to the Deployment Notifications tab. ![](/files/Tw3QgMNc4pSzbBQlg9AJ) ## Configure Deployment Notifications Choose whether to notify administrators of the vulnerability level patch installation and select the type of administrators to notify based on Roles. 1. Decide whether to notify administrators about the patch deployment: * Select **Yes** to choose the Roles to notify, and then continue with the next step. * Select **No** to skip notifications. This takes you to [Approvals](#configure-deployment-approval). * Select Next on the bottom right corner to skip notifications. This takes you to [Approvals](#configure-deployment-approval). ![](/files/Wu31ZxjLvUsY1tLxwUO8) 2. Select **Browse** to open the **Add Role** dialog. ![](/files/GUGNw8yRWBQuSh2YGGUs) 3. Select a **Role** to add. You may select only one. ![](/files/owaInHUbwtXcOIS2m6fJ) 4. Select **Add Role** to save your selection. This takes you directly to the [Approval](#configure-deployment-approval) tab. ## Configure Deployment Approval Choose whether to ask administrators to approve of the patch severity level installation and select the type of administrators to approve of the installation based on Roles. 1. Decide whether to request administrator approval of the patch deployment: * Select **Yes** to choose the Roles to approve of the deployment, and then continue with the next step. * Select **No** to skip approvals. This takes you to [Configure Test Deployment](#configure-test-deployment). * Select Next on the bottom right corner to skip notifications and approvals and go directly to [deploying to a test group](#configure-test-deployment). ![](/files/Xfbmzf8VSCwC7WbFi7ms) 2. Select **Browse** to add an administrator role for approvals: ![](/files/GUGNw8yRWBQuSh2YGGUs) a. Select a **Role** to add. You may select only one. ![](/files/owaInHUbwtXcOIS2m6fJ) b. Select **Add Role** to save your selection. This takes you back to the Approval tab and displays two additional configuration options: Approval Timeout (required) and Load Leveling (optional). ![](/files/RW9q9XstjYsIOMcSLG4a) 3. Set the number of **Days**, **Hours**, or **Minutes** to wait for approval to occur: ![](/files/QZloW9daUjzXKtB8ffgD) * A non-zero value means deployment begins after the wait time passes, even if no one has approved. * If you use a zero value, the deployment waits indefinitely for approval. 4. (Optional) Enable and set a time frame for Load Leveling: ![](/files/7pY9z4718OEXsmDqaqeD) a. Select **Yes** to enable load leveling for the specified level patch deployments. When enabled, load leveling for the production patch installation occurs across all target devices. b. Set the number of **Days**, **Hours**, or **Minutes** for load leveling to occur prior to initiating production patch deployment. * If you don't specify a load leveling time, production patch installation deployment to all devices occurs immediately. c. Select **Next** to set up deployment to a test environment prior to production ## Configure Test Deployment Choose whether to deploy the vulnerability patch installation to a test group prior to production deployment (recommended). ![](/files/r0SnvkNLWmgwm3mRfO6l) 1. Decide whether to deploy the patch installation to a test group (recommended): * Select **Yes** to configure test group installation, and then continue with the next step. * Select **No** to skip setting up a test environment and have all vulnerability patch installations deploy to the production environment. * This takes you back to the [Enablement](#enable-vulnerability-detection) tab where you can configure remediation for a different vulnerability level. * Select Next on the bottom right corner to skip setting up a test environment and go directly to test approvals. 2. Select **Browse** to show the available Business Units. ![](/files/4rDf7GF3CAieHfAqK37s) 3. Select the **Business Unit** to use as the test environment, and then click **Add Business Unit** on the bottom left corner of the dialog: * Patches deployed to a test environment do not use load leveling. * If Patch Pre-staging is enabled, the patch is pre-staged to all target machines, and then the machines assigned to the business unit that you specified for the test deployment. ![](/files/RFsOI4MfIdj2Ea8PG7if) 4. Choose whether to create preferences or test duration: ![](/files/50ksMLpm8ClMGCzMAJ3m) * To create preferences, click **+ Create Preferences** to control maintenance windows, user interaction settings, and reboots for the selected test environment. See [Patching Preferences](/patch/onesite-patch-express/express-patching-preferences.md) for configuration guidance. * To create a test duration (Optional), set the number of **Days**, **Hours**, or **Minutes** to specify how long the test patch deployment process will run before initiating production patch deployment. 5. Select **Next** to set test approval requirements. ## Configure Test Approval Decide whether to ask administrators to approve of deploying the patch installation to a test environment and select the type of administrators to approve based on Roles. 1. Decide whether to request administrator approval of the patch deployment: * Select **Yes** to choose the Roles to approve of the deployment, and then continue with the next step. * Select **No** to skip approvals. This takes you to back to Enablement where you can configure remediation settings for another vulnerability level. * Select Next on the bottom right corner to go directly to back to Enablement where you can configure remediation settings for another vulnerability level. ![](/files/utBlbyKg6twWYPSUGu5G) 2. Select **Browse** to open the **Add Role** dialog. 3. Select a **Role** to add, and then click **Add Role**. to return to the Test Deployment tab. ![](/files/hjbqpt8s3qjSANlCEmTq) 4. Set the number of **Days**, **Hours**, or **Minutes** to wait for approval to occur: ![](/files/QZloW9daUjzXKtB8ffgD) * A non-zero value means deployment begins after the wait time passes, even if no one has approved. * If you use a zero value, the deployment waits indefinitely for approval. 5. Select **Next** on the bottom right corner of the dialog to return to the [Enablement](#enable-vulnerability-detection) tab: * Repeat all steps for the next vulnerability level configure remediation for other vulnerability levels. * To skip other vulnerability levels and finish the Express Setup, click **Next**. ## Complete Select **Finish** on the lower-right corner of the **Patch Express Setup** dialog. The patch remediation automatically begins on the specified schedules when you complete the wizard. ![](/files/wGvJAK2FsRbZJGBvju8e) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.adaptiva.com/patch/onesite-patch-express/express-setup-wizard.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.