Frequently Asked Questions
What is Automox?
Automox is the only cloud-native patching platform that fully automates patch management across Windows, macOS, Linux, and third-party software—including Adobe, Java, Firefox, Chrome, and Windows. Automox works across both computers and servers and is designed for remote workforces. From “click, set, forget” automation to complete scheduling and workflow control, Automox results in greater corporate security, improved productivity, and incredible time savings.
What can I tell my employees about the Automox agent if they are concerned?
Automox is a simple lightweight tool that will ensure that employee systems are up to date with all critical patches. Automox does not, cannot, and will not, snoop or have access to any sensitive or encrypted data. By using Automox, your employees will help to make sure that your company is more secure and not the next company in the headlines explaining why they had a data breach.
How secure is Automox?
We take the security of our platform very seriously. Our development team has decades of experience building security applications for the cloud. Please visit our security page to learn more about security at Automox.
What types of devices does Automox support?
Automox can natively patch and manage any laptop, desktop, server, VM, or container that runs most recent builds of Windows, macOS, and Linux. In general, any device that can securely connect to the Internet and run PowerShell/bash commands can use Automox. Mobile devices, including Android and Apple phones, as well as IoT devices, are not currently supported.
How is Automox better than simply running auto updates?
Running automatic updates is like dividing your security policy up among each of your employees, and hoping that they patch and maintain their individual systems. This approach can work for individual machines, but often fails at scale. Human behavior takes over, and machines miss patches or ignore critical updates, greatly increasing attack vectors.
Running only auto updates creates risks and inefficiencies for your entire organization:
- When an end user skips a patch, they expose your entire network to risk
- The constant need to update software and remove unapproved software is a nuisance for IT managers. Auto updates offer no single view of OS and software updates available to your organization, or a view about devices that are out of compliance
- Auto updates do not give IT a central / single location for reporting on inventory, patch level, configuration settings, or compliance status
- Auto updates provide no reporting or verification of endpoint status, patches applied, or level of vulnerability
- Auto updates are inconsistent and can rarely force the user to update / install critical security releases
- Common malware silently disables OS auto updates and patching
100% of Automox customers using other patching methods found and fixed existing critical patches with Automox.
How do I contact support?
If you need further assistance, you can contact us through our help center or email us at support@automox.com
Patching
Can Automox deploy and patch custom or third-party software?
Yes. Through the use of our custom policy engine it is easy to set policies that deploy and patch both third-party and custom software. Administrators can also deploy any software title on schedule if it is not installed on a device.
Can I customize system configurations?
Yes. You can customize almost any device configuration action within the platform through the use of our custom policy engine.
Does Automox Patch Servers?
Yes. Automox patches Windows and Linux servers including cloud instances, Docker containers, and virtual machines (VMs).
I don't want full automation. Can I customize Automox to match my manual patching workflow?
Absolutely. The default setting of Automox is full automation, but you can easily turn the automation settings off and manually patch devices and deploy software and scripts.
What else can Automox do besides OS and third-party software patching?
- Unpatched Vulnerability Status: See the full status of your infrastructure at a single glance and know exactly what systems need attention.
- View Your Complete Inventory: See your entire device and software inventory from anywhere in the world, and know exact patch status.
- One-Click Reporting: With Automox pre-patch, post-patch, and software reports, you gain instant visibility into your systems, their patch and vulnerability status, and the software installed across your organization. Spend more time using reports to make decisions and less time finding the right data. Make audits a breeze with reports built to prove patching and conquer risk.
- Manage both Devices and Servers: With Automox you can manage your full client and server infrastructure from a single console.
- Deploy and Patch Third-Party Software: The Automox platform is capable of deploying, patching, and enforcing required software on endpoints and servers. You can also blocklist unwanted software to prevent malicious or unsafe apps from appearing your network.
- Manage Configurations: The Automox platform offers a custom policy engine that allows customers to create custom scripts for both evaluation and remediation, enabling control over everything on your system—from password length and printer drivers to firewall settings and USB access, and everything in between.
What if I have a WSUS server? Do you work with that? Do I still need it?
Automox interfaces with the Windows update application on the endpoint and can work with or without a WSUS server. Automox fully manages patch scheduling and delivery, or can be used in concert with WSUS as a local repository.
Software Applications
What third-party software can Automox patch natively?
Automox supports a list of third-party software that can be natively deployed and patched. You can find the full list here. If we do not natively support a particular software, it can always be deployed and patched through the custom policy engine.
Can Automox deploy and patch custom software?
Yes. Through the use of our custom policy engine it is easy to set policies that both deploy and patch custom software. We have a number of pre-packaged scripts that allow you to quickly create policies that deploy many common software titles.
Automox Agent
Does Automox require an agent?
Yes. Automox leverages a very lightweight agent that must be installed on every managed endpoint. For details about agent deployment, see more in the Automox Agent Installation Overview.
Are there direct agent download links?
These are download links for each operating system:
- 32-bit CentOS, Fedora or RedHat,
- 64-bit CentOS, Fedora or RedHat,
- 32-bit SUSE,
- 64-bit SUSE,
- 32-bit Debian or Ubuntu,
- 64-bit Debian or Ubuntu,
- macOS,
- Windows.
What access does the Automox agent have on an endpoint?
The Automox agent has very limited access to the endpoint and is not natively capable of accessing or removing data or files from the device. Compared with other tools like Airwatch and others which have control of the camera, access to the mic, and can intercept data in transit, that is not the intended functionality of Automox. Automox is not as invasive as other tools and can only add/update/delete software and configuration settings.
How do I distribute the agent?
Automox provides scripts and documentation for remote, bulk deployment of the Automox agent. Operating-system specific deployment scripts are available for macOS, Windows, and Linux, and can be used with a number of deployment applications including Windows Group Policy. We also have scripts and supporting documentation to deploy Automox with Ansible and JumpCloud.
How do I uninstall the agent?
See the Agent Removal Instructions for details on uninstalling the Automox agent.
Pricing
How is Automox billed?
Automox is designed for fair pricing based on how many systems are managed in the platform. A system is any laptop, desktop, VM, or server you add to the platform.
Do you support MSPs?
Yes, we have an MSP specific offering. Please visit our partners page to learn more and sign up for our MSP partner program.
What happens if I cancel my subscription?
If you decide to cancel your subscription, you will still have visibility to all of your systems, allowing you to monitor your infrastructure. We provide free lifetime monitoring where you can see new vulnerabilities, patch updates, and current configurations for each system. You won't be able to patch or actively manage your systems until you reactivate your account, which you can do at any time in the Automox platform.
What if I go over my prepaid annual system amount?
Your contract rate will remain in place for the number of systems included in your agreement. Overage systems beyond the number agreed upon in your contract will be automatically charged at the monthly rate per system listed on the website. System overages are billed to the credit card on the account at the end of each month. If you would like to increase the number of systems in your contract to avoid overages, please contact us at sales@automox.com.
How do I upgrade from a free trial to a paid account?
You can convert to a paid account at any time during your free trial. You will still receive the first 15 days free regardless of when you sign up for paid access.
To sign up for a paid account, go to Settings > Billing. Click Add Payment Method. After you input your credit card information and subscribe to a plan, you'll be able to continue managing your systems.
What payment methods do you accept?
We accept all major credit cards and ACH payments. If you require a PO, please contact sales@automox.com for assistance. For all invoicing questions, contact our team at support@automox.com. Checks are only accepted in limited cases for annual agreements.
You will be billed separately for each organization based on the plan and payment method you selected.
How Does Automox Work
What is the Automox setup process?
Setting up Automox within your organization is simple. Once you have created your account, simply log in to the platform and follow the getting started wizard to download the OS specific agent and install it on the endpoint. Once the agent is installed you will quickly see the endpoint in your dashboard with all of its attributes and software.
Are there any endpoint or server minimum requirements?
No, as a Saas platform we are all about making our enterprise-grade patching solution available to companies of every size. To see if Automox features meet your patching needs, you can sign up for our Free 15 Day Trial to experience Automox for yourself.
Does the product work for MSPs?
The platform is designed to work for MSP customers along with large enterprises that want to manage multiple locations or departments as independent entities. Toggling between accounts is simple with our MSP feature seen below, and role based administrators can be assigned for each account.
How do I customize the Automox platform?
Workflow Customization: Full automation is not for everyone. For customers that have a manual approval and test process Automox can easily match your custom workflows.
Creating Worklet Policies: Native to the Automox platform is our worklet policy engine. Here, if you can script it, you can manage it. You will find a wide variety of pre-packaged custom scripts that customers have created, and you can create (and upload) your own. Every worklet policy has an evaluation and remediation detail that can be customized.
What does Automox do behind the scenes?
You can think of Automox as a powerful policy based engine that is constantly evaluating the state of a client or server and checking that state against a predefined policy. If the endpoint or server is found to be out of compliance with a policy, Automox will execute a remediation action that will bring the client or server back into compliance. Learn more on our How It Works page.
Can you manage multiple locations or accounts through the Automox platform?
IT staff in large companies often operate as an internal managed service provider (MSP) supporting different departments and locations. Automox has native multi-site capabilities built into the platform that allow you to manage multiple locations / departments independently.
Does Automox have an API?
Yes. Automox has a complete REST based API built into the core of our product. The Automox API is a powerful interface that allows you to integrate Automox reporting data into your applications and control the various settings of your account.
Does Automox offer on-prem solutions?
Today Automox only offers a cloud-native platform for patching and securing your full client and server infrastructure. If you have concerns about the security of leveraging a cloud-native patching platform head over to Automox security.
Using Automox
What operating systems does Automox support?
Automox includes native support for Windows, Linux, and macOS, as well as a a growing number of additional operating environments. Click here for a complete list of all supported operating systems.
What is an organization?
Organizations are designed for users that need to separate billing across multiple accounts. Each organization has its own access key, systems and billing information. If you simply need to separate systems logically, groups are a better choice.
How do I work with groups?
Groups are a handy way to organize endpoints within your organization. Our grouping system is very similar to your computer's filesystem structure, where each endpoint is a file and each group is a folder.
At first, you will only have a single, default group, named “Default”. It will be assigned a “Default” patch policy that is turned off. The default group is configured to inventory each endpoint every 24 hours.
To create new groups, the “Create Group” button is located in the upper right section of the Groups screen, available via the Manage menu. If you need to delete a Group, simply click to edit that group and click the Remove Group button at the bottom left of the screen.
How do I create a new zone?
An initial organization is created when you first create your account. To add an additional zone, select Manage Zones and Users from the Zones menu on the top right of the console, and then select the Add Zone button at the upper left of the screen. You can switch your current view to a different zone through the same menu.
How do I restore a deleted endpoint?
If you delete an endpoint from your console but would like to add it back, the agent on the endpoint will try to connect using its old unique ID. To add it back to the console, you simply de-register the agent on the endpoint to get it to add itself back into the console.
See Deregistering the Agent for details.
Reports: What events are logged?
The reports page of the console provides access to advanced reporting capabilities in the platform along with an activity log. There are the three advanced reports:
- Overview Report: Provides a device overview, a history of patches applied, and outstanding patches with their aging. This report is designed to be shared with executives and provides a current snapshot of your overall system's vulnerability.
- Pre-Patch Report: Shows you a list of all the pending patches per endpoint along with severity and exposure information allowing you to effectively assess internal impact.
- Needs Attention Report: Gives you a list of endpoints that need attention along with the relevant information, so you can focus on specific systems issues, saving valuable time and resources.
- Activity log provides logging and reporting on the following Automox system events:
- Policy Actions - Any time a policy is executed, the actions performed along with success or failure will be reported
- Patch Actions - Any time a manual “Patch Now” action is executed
How do I work with policies?
As you begin to configure Automox for your needs, you will start by creating policies. Each policy handles a specific task, such as keeping your systems patched, ensuring software is installed, or anything else you can come up with.
We break policies into three different policy types:
- Patch - Keeps the operating system and third-party software up to date
- Required Software - Ensures that a particular software is always installed
- Worklet - Used to perform any task that can be scripted.
