fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
https://fleetdm.com

Autoupdate for macOS #16497

Open marko-lisica opened 7 months ago

marko-lisica commented 7 months ago

Goal

User story
As an IT admin,
I want to turn on autoupdates for macOS
so that I don't have to update my minimum version in Fleet every time there's a new macOS version to keep my Macs up to date.

This is the way it works for Windows in Fleet today. You set a deadline and that's it. When there's a new Windows OS update available, the end user is forced to upgrade after the deadline passes.

Changes

Product

Engineering

ℹ️  Please read this issue carefully and understand it. Pay special attention to UI wireframes, especially "dev notes".

Context

QA

Risk assessment

Manual testing steps

  1. Step 1
  2. Step 2
  3. Step 3

Testing notes

Confirmation

  1. [ ] Engineer (@____): Added comment to user story confirming successful completion of QA.
  2. [ ] QA (@____): Added comment to user story confirming successful completion of QA.

noahtalerman commented 7 months ago

Problem

As a Fleet customer, I want to be able to designate a batch of versions/all versions that are still receiving patches to remove the need for me to go update every time Apple pushes a new version.

Potential solutions

  1. Maybe a monthly webhook to start, that includes a list of all the hosts

(Then we get ticketing integration for free because they’re already built on top of webhooks for vulns and posture triggers)

(Then we can use it as an excuse to configure a clock-time-based batching option for any policy failures, whether it’s a laptop age-out or a long-running security/compliance problem that sat unfixed for so long on your computer that we finally cut you off) Or option to download as a CSV

Context conversation with Austin Lin

One thing I didn’t get a chance to mention is on the screen you were showing with target OS versions, one of the features I always want (which I first saw in Duo) is the ability to just say X most recent versions or all versions that are still getting patches. Basically remove the need for me to go in and update it every time Apple pushes a new version.

For Windows the “all versions that are still getting patches/support” is even more useful because their versioning system is so confusing.

Austin Lin, 5:07 PM: Also would love to see that same idea for hardware, target is all devices are on supported hardware or no more than 4 years old. Bonus points for the ability to say “no more than 2 hardware generations old” or “no more than 3 years old from when the model was released” since I think for tech forward companies those are way better targets for ensuring folks have modern laptops/phones/etc

Mike McNeil (He/Him), 7:21 PM: What would be a cool experience for the IT admin when that happens? (Re hardware)

I’m imagining you’d want to create tickets including any new hosts that now have expired hardware, including enough identifying info that the team purchasing laptops can look up the right address.

(maybe we manage to sniff that shipping address off the IdP login / noMAD-esque flow from when they got ADE’d/Autopiloted, if it lives in the IdP. But address could have changed since original hardware ship date. Worst case solvable with webhook instead of ticket and something like Tines)

Austin Lin, 9:05 PM: Think the experience depends on the size of the company. Probably for a small company it’s probably a ticket/email/etc. For a large company it’s probably a report they pull monthly and bulk order the computers.

Austin Lin, 9:06 PM: FB had custom tooling for this and it would basically surface to users that they were upgrade eligible and then the user could submit a ticket, but in the background IT was bulk purchasing laptops based on laptop fleet age (and other factors)

FEB 4

Mike McNeil (He/Him), 11:34 PM:

Maybe a monthly webhook to start, that includes a list of all the hosts?

(Then we get ticketing integration for free because they’re already built on top of webhooks for vulns and posture triggers)

(Then we can use it as an excuse to configure a clock-time-based batching option for any policy failures, whether it’s a laptop age-out or a long-running security/compliance problem that sat unfixed for so long on your computer that we finally cut you off) Or option to download as a CSV

FEB 5

Austin Lin, 8:14 AM: Yep that would work

Austin Lin, 8:14 AM: Or option to download as a CSV

noahtalerman commented 6 months ago

Heads up @marko-lisica and @mikermcneil, this feature request was brought to feature fest on 2024-02-15 and wasn't prioritized for the current design sprint.