locked
NAP:about security update protection RRS feed

  • Question

  • I enabled NAP with dhcp enforcement in our lan, and set security health validator to restrict access for clients tha not have all availible security updates installed.

    Our clients get windows updates from our WSUS server, and schedule to install the update at 12:00.

    Now, I find that if a new security hotfix is approved,  the client will be restried access from it get the update list to restart windows. Usually, it happed in work time, it will interrupt our normal job.

    I do want to enable security update check, but I donot want to restrict access at the first time the client got updates. Is there any way to resolve this issue?

    Friday, March 12, 2010 12:08 AM

All replies

  • I think you can configure the "specify the minimum number of hours allowed since the client has checked in for new security updates" in the windows security health validator. Or install/deploy your own WSUS server in your environment and choose your own patch deployment time.

    Regards

    Qunshu


    Clarification: Microsoft doesn't own any liability & responsibility for any of my posting.
    Wednesday, December 29, 2010 1:12 AM