Hello Knowledge Experts,
I'm looking for solutions for the following scenario:
I have a maintenance design plan in which I need to control the Windows patch level for a regulated device.
At some point in time I need to snapshot a known set of patches and make that the distribution release configuration. I need the ability to do offline patches with a known set of updates. The reason: the device and its configuration must be validated and verified through our QA process, after which strict change controls are in place to avoid any risks associated with change after final validations.
Three Challenges:
1. Determine and record a set of patches which will become the release patch level.
2. New machines out of the box must be patched and configured to the above patch level; this can be offline or online.
3. Machines in the field which require an upgrade of our software in the future must be patched to the verified configuration of patches, offline. The machines in the field have no network access and must be patched via CD/DVD/Blu-ray or USB.
I'm not familiar with Windows Server Update Services, so any articles or documentation links would also be appreciated. If I'm barking up the wrong tree, what options will I have for discovery and installation of individual patches? The plan further goes into details around scheduled review of patches for vetting possible impacts to the released systems.
I've looked into imaging the operating system and replicating, but I'm currently researching manual update options.
I'll need a solution to download patches, identify them in a record, and create media with that configured list for offline installation.
Thank You!
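
One way to approach the record-and-install part of the requirement above, as an added example that is not part of the original post: the first function writes a hash-pinned manifest of the vetted `.msu` files, the second installs exactly that set from offline media and refuses any file that differs from the record. The function names and `manifest.csv` are hypothetical; it assumes PowerShell 4.0 or later, an elevated session, and `.msu` files whose names contain the KB number.

```powershell
# Added example; New-PatchBaseline, Install-PatchBaseline and manifest.csv are hypothetical names.
function New-PatchBaseline {
    param([Parameter(Mandatory)][string]$PatchDir, [string]$ManifestName = 'manifest.csv')
    # Row order becomes install order: reorder the CSV if a prerequisite must go first.
    $rows = Get-ChildItem -Path $PatchDir -Filter *.msu | Sort-Object Name | ForEach-Object {
        # Assumption: the KB number appears in the file name.
        $kb = if ($_.Name -match 'kb\d+') { $Matches[0].ToUpper() } else { 'UNKNOWN' }
        [pscustomobject]@{
            KB     = $kb
            File   = $_.Name
            SHA256 = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash
        }
    }
    # The manifest is the release record that goes through QA and onto the media.
    $rows | Export-Csv -Path (Join-Path $PatchDir $ManifestName) -NoTypeInformation
    $rows
}

function Install-PatchBaseline {
    param([Parameter(Mandatory)][string]$MediaDir, [string]$ManifestName = 'manifest.csv')
    # Get-HotFix does not report every update type, so wusa.exe's own
    # "already installed" exit code is accepted below as well.
    $installed = (Get-HotFix).HotFixID
    foreach ($row in Import-Csv -Path (Join-Path $MediaDir $ManifestName)) {
        $path = Join-Path $MediaDir $row.File
        if (-not (Test-Path $path)) { throw "Missing from media: $($row.File)" }
        # Refuse anything whose hash differs from the validated record.
        if ((Get-FileHash -Path $path -Algorithm SHA256).Hash -ne $row.SHA256) {
            throw "Hash mismatch, not installing: $($row.File)"
        }
        if ($installed -contains $row.KB) { Write-Output "$($row.KB) already installed"; continue }
        $p = Start-Process -FilePath wusa.exe -Wait -PassThru `
                 -ArgumentList "`"$path`"", '/quiet', '/norestart'
        # 0 = success, 3010 = success with reboot pending, 2359302 = already installed
        if ($p.ExitCode -notin 0, 3010, 2359302) {
            throw "$($row.KB) failed with exit code $($p.ExitCode)"
        }
        Write-Output "$($row.KB) installed (exit $($p.ExitCode))"
    }
}
```

Run `New-PatchBaseline` once on the staging machine against the folder of vetted downloads, copy that folder to the CD/DVD or USB media, and run `Install-PatchBaseline` on each target with the media path.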