Enterprise Threat Protector (ETP) may need to upgrade ETP Client with a new patch to fix a security vulnerability, support an operating system update, or fix major ETP Client issues. In the Configuration Settings for ETP Client, you can choose to enable the Automatic Upgrade for Critical Patches option to automatically apply security patches to ETP clients across your network. If you choose to disable this setting, an ETP administrator can instead download, test, and approve the patch like any other software upgrade.
After you approve an ETP client, you can then choose to force an upgrade or select an On Demand option. The On Demand option allows end users to install the update within 1, 3, or 7 days. For more information on software upgrades, including the upgrade process, see Software upgrades.