Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

wsus update

Posted on 2014-10-07
3
Medium Priority
?
245 Views
Last Modified: 2016-02-13
Recently some expert gave me comment on the WSUS in my office but I was unable to understand the large part of it.
Could i get help on it. We are not using any IBM Servers so is Compliance required. We are not using SCCM so is it required for WSUS. I do not know how group policy is related to WSUS.
He said :- 1.      If we start the patching from Friday night and keep it for the complete Saturday it will be good. Reason many times some server do not come up automatically. This can be any hardware failure (hard disk, power supply etc.) We get a complete Sunday and then we can bring up most of the servers having minor faults, therefore Monday morning will avoid any extra hindrance to our business.
2.      There is no role of SCCM mentioned here. System Center Configuration Manager (SCCM) interoperates with WSUS, and is able to import third party security updates into the product.
3.      WSUS does not require the use of Active Directory; Client configuration can also be applied by local group policy or by modifying the Windows registry
4.      One can also approve updates for "detection" only, allowing an administrator to see what machines will require a given update without also installing that update
5.      What about the testing of patches and monitoring them to see if the production servers become compliant and no conflicts are there e.g firewall etc.
6.      We have to mention how to remediate if any compliance issue occurs for security, software patch, and software configuration.  
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
0
Comment
Question by:ITISEMEA
3 Comments
 
LVL 5

Assisted Solution

by:Sean Jackson
Sean Jackson earned 400 total points
ID: 40365926
I don't really understand what you're asking, but I can speak to the local group policy.  If you're not using Group Policy to set the individual machines, then you have to do it locally.  You set each machine to look to your local WSUS server for updates rather than looking to the Microsoft Mothership.  I'm on a mac right now, else I'd pull up the actual settings in gpedit.
0
 
LVL 35

Accepted Solution

by:
it_saige earned 1600 total points
ID: 40365978
First, SCCM is not required for WSUS and vice versa, these are two stand-alone products from Microsoft.  Since you are primarily concerned about WSUS I will speak to this.  WSUS (Windows Server Update Services) gives you the capability manage the distribution of Microsoft updates to your Windows based computers.

Group Policy is mentioned because WSUS is generally confirgured via Group Policies.

http://technet.microsoft.com/en-us/library/dd939933(v=ws.10).aspx

But you can also configure WSUS via Registry Keys:

http://technet.microsoft.com/en-us/library/dd939844(v=ws.10).aspx

-saige-
0
 

Author Comment

by:ITISEMEA
ID: 40366265
I have an update that Group policy will be used so if any consideration you would suggest than url above. SCCM i think  interoperates with WSUS, and is able to import third party security updates into the product. So any third party tool you would recommend for the application patching. Also the VMs are there so is there any separate consideration for them in WSUS or just the same things apply.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question