Automating Windows Update Status Scans

I'm dealing with some 50 workstations of Windows 10 Pro in a peer-to-peer network.  The practice has been for the machines to be inspected manually on a weekly basis for update status.  It doesn't take too long really but it would be better no doubt to automate the process.

I've not found anything that really does the job.
Nessus doesn't seem to offer a template that does this particular scan.
PRTG may do it but I'm going to have to get the target machines to respond using the right security protocol.
MBSA seems to "work" but not very well for scanning Windows 10 machines - lots of loose ends.

Other than changing our ways, which isn't even part of this question, what might you suggest?
Our ambitions are quite limited - so you might keep that in mind.
LVL 28
Fred MarshallPrincipalAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

SeanSystem EngineerCommented:
So these are not setup in a windows domain?
You could still use a WSUS server but you would need to set the WSUS settings manually in the registry to point the computers at the WSUS server.
You'll need to just have a windows server available and install the WSUS role. The PCs will check into this server and report their status and download all updates from that central server.
Fred MarshallPrincipalAuthor Commented:
Yes, I think that peer-to-peer means "not in a windows domain" - but there may be nuances that I'm oblivious to.
And, that also means there will not be a windows server available.

I'm leaning toward GFI Languard now.
I didn't really try to get PRTG working so I don't have a good idea what the results might look like or the remediation steps, if any, are provided.  I rather doubt it.
I got Nessus running but didn't like the results in terms of integrating into remediations.  You can find the vulnerabilities, you can find which hosts they apply to manually, you can find some description of the remediations but no automated process for a single host + vulnerabilities.
Fred MarshallPrincipalAuthor Commented:
We ended up installing GFI Languard.  The results are impressive re status of things.  Support, including the community forum, seems to be nonexistent.  Truly - *nonexistent*.  So that's a bit of a frustration in getting up to speed.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Fred MarshallPrincipalAuthor Commented:
I'm rather amazed that there were no better answers or suggestions on EE!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 10

From novice to tech pro — start learning today.