Just want to get some opinions from you guys. When you do Microsoft Security Patches for your production servers, do you have all your servers get the updates from a local WSUS and get the approved patches or point to Microsoft periodically and get everything. We have about 100 servers and each of them has different role.
From our experience with security patches, once in a while, Microsoft comes up with something that causes something does not work in production environment.
