locked
How to get windows updates offline RRS feed

  • Question

  • Hi,all

    I want to get windows updates (win7/win server2003/2008)periodically,but our stations and servers are not connected to Internet,so I must download the windows patches manually.

    Could you sharing your best way to get windows updates and install offline with me? I know some tools such as MBSA ,WSUS. but I have no experience on it .thanks all of you

    Lorin

    Nov.7.2014

    Friday, November 7, 2014 3:06 AM

Answers

  • This is exactly the kind of scenario you would use WSUS (Windows Server Update Services) for.

    WSUS will need internet access to download updates from Microsoft. Clients can connect to WSUS to download the updates (and thus require no internet connectivity).

    If security requirements would not allow this, it is also possible to have an 'online' WSUS that download the updates, export them from there and import them in another completely offline WSUS. In my opninion you should avoid this scenario as it adds complexity for only very small security advantage.

    Check the scenarios described in http://technet.microsoft.com/en-us/library/cc720448(v=ws.10).aspx



    MCP/MCSA/MCTS/MCITP

    • Marked as answer by Lorin_Tang Tuesday, November 11, 2014 2:51 AM
    Friday, November 7, 2014 8:28 AM
  • Hi Lorin,

    Managing WSUS on a disconnected network involves exporting updates and metadata from a WSUS server on a connected network and then importing all that information into the WSUS server on the disconnected network.

    There are three steps to accomplishing an import and export.

    First, make sure advanced synchronization options for the express installation files feature and languages on the export server match the settings on the import server.

    Second, copy updates from the file system of the export server to the file system of the import server.

    Third, export update metadata from the database on the export server, and import it into the database on the import server.

    For detailed information, please refer to the link below,

    http://technet.microsoft.com/en-us/library/cc720512(v=ws.10).aspx

    Best Regards.



    Steven Lee

    TechNet Community Support

    • Marked as answer by Lorin_Tang Tuesday, November 11, 2014 2:51 AM
    Friday, November 7, 2014 10:02 AM
  • thanks for your reply,i found a software named"wsusoffline" form Germany.

    i can dowanload the updates of different OS and burn it into CD/DVD and install.

    it seems very pratical

    Tuesday, November 11, 2014 1:17 AM

All replies

  • This is exactly the kind of scenario you would use WSUS (Windows Server Update Services) for.

    WSUS will need internet access to download updates from Microsoft. Clients can connect to WSUS to download the updates (and thus require no internet connectivity).

    If security requirements would not allow this, it is also possible to have an 'online' WSUS that download the updates, export them from there and import them in another completely offline WSUS. In my opninion you should avoid this scenario as it adds complexity for only very small security advantage.

    Check the scenarios described in http://technet.microsoft.com/en-us/library/cc720448(v=ws.10).aspx



    MCP/MCSA/MCTS/MCITP

    • Marked as answer by Lorin_Tang Tuesday, November 11, 2014 2:51 AM
    Friday, November 7, 2014 8:28 AM
  • Hi Lorin,

    Managing WSUS on a disconnected network involves exporting updates and metadata from a WSUS server on a connected network and then importing all that information into the WSUS server on the disconnected network.

    There are three steps to accomplishing an import and export.

    First, make sure advanced synchronization options for the express installation files feature and languages on the export server match the settings on the import server.

    Second, copy updates from the file system of the export server to the file system of the import server.

    Third, export update metadata from the database on the export server, and import it into the database on the import server.

    For detailed information, please refer to the link below,

    http://technet.microsoft.com/en-us/library/cc720512(v=ws.10).aspx

    Best Regards.



    Steven Lee

    TechNet Community Support

    • Marked as answer by Lorin_Tang Tuesday, November 11, 2014 2:51 AM
    Friday, November 7, 2014 10:02 AM
  • Steven,Good Morning!

    Thanks for your quick reply,I was not very clear what you said when i read it firstly.But i am very clear now since i google the feature of WSUS .it likes a Server/Client mode.

    The key is that our offline network exist win7/win server 2008.But different OS may need different updates.

    Can the WSUS server identify which updates the win7/server2008 need really?

    Serveral days ago,my colleague share a software made in Germany ,named "WSUSoffline". i can download the updates of WIN7/Server2003/2008 ect in my PC,then I can burn it into CD/DVD and install it on offline station. it seems very useful

    Anyway,thanks again.

    Tuesday, November 11, 2014 1:13 AM
  • thanks for your reply,i found a software named"wsusoffline" form Germany.

    i can dowanload the updates of different OS and burn it into CD/DVD and install.

    it seems very pratical

    Tuesday, November 11, 2014 1:17 AM