none
Deploying Updates via WSUS Server and Windows Update RRS feed

  • Question

  • Hi everyone,

    At the moment we deploy all our updates through our own WSUS server; updates get downloaded to it and then it pushes them out to all the clients.

    This works fine, but the we have a lot of remote sites which means that we have to restrict the amount of bandwidth they can use to download updates which means it can take a very long time for these clients to update.

    We would like to have it so that our main offices still get their updates through the WSUS server but the remote sites get their updates from the Windows Update server and still report to the WSUS server.

    Does anyone know how we can accomplish this?

    Any help/advice is would be great.

    Thank you,

    Kevin Jones

     

     

     

    Monday, October 25, 2010 12:32 PM

Answers

  • At the moment we deploy all our updates through our own WSUS server; updates get downloaded to it and then it pushes them out to all the clients.
    Actually, it doesn't push anything, and this is a critical point to be aware of when engaging in bandwidth management.
    This works fine, but the we have a lot of remote sites which means that we have to restrict the amount of bandwidth they can use to download updates which means it can take a very long time for these clients to update.

    We would like to have it so that our main offices still get their updates through the WSUS server but the remote sites get their updates from the Windows Update server and still report to the WSUS server.

    Does anyone know how we can accomplish this?

    Yes, but it requires a second WSUS server. Create a replica server for your remote clients, but do not create a local content store. The absence of the local content store will cause the client systems to download direct from Microsoft.

    Of course, this isn't really going to help your bandwidth management, you'll just defer those remote clients from downloading from the central site to downloading from Microsoft -- you'll still have all of those clients downloading using the remote site's available bandwidth, which is likely where your primary bottleneck exists. In addition, those clients will still download updates using BITS constrained bandwidth limits, so it's not likely that the downloads will occur any faster, or that your clients will be updated any sooner.

    Perhaps a better solution, if you truly do have constrained bandwidth to your remote sites is to install a remote replica server, so only ONE transfer of content needs to take place between the central site and the remote site(s).

    Also, judicious selection of the number of updates approved at a single time, in combination with using the maximum detection frequency, can spread those downloads out over a longer period of time, thus reducing the number of simultaneous connections executing.


    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    Principal/CTO, Onsite Technology Solutions, Houston, Texas
    Microsoft MVP - Software Distribution (2005-2010)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    My Blog: http://onsitechsolutions.spaces.live.com
    Monday, October 25, 2010 3:48 PM
    Moderator