Automating Windows Update Status Scans
I'm dealing with some 50 workstations of Windows 10 Pro in a peer-to-peer network. The practice has been for the machines to be inspected manually on a weekly basis for update status. It doesn't take too long really but it would be better no doubt to automate the process.
I've not found anything that really does the job.
Nessus doesn't seem to offer a template that does this particular scan.
PRTG may do it but I'm going to have to get the target machines to respond using the right security protocol.
MBSA seems to "work" but not very well for scanning Windows 10 machines - lots of loose ends.
Other than changing our ways, which isn't even part of this question, what might you suggest?
Our ambitions are quite limited - so you might keep that in mind.
I've not found anything that really does the job.
Nessus doesn't seem to offer a template that does this particular scan.
PRTG may do it but I'm going to have to get the target machines to respond using the right security protocol.
MBSA seems to "work" but not very well for scanning Windows 10 machines - lots of loose ends.
Other than changing our ways, which isn't even part of this question, what might you suggest?
Our ambitions are quite limited - so you might keep that in mind.
ASKER
Yes, I think that peer-to-peer means "not in a windows domain" - but there may be nuances that I'm oblivious to.
And, that also means there will not be a windows server available.
I'm leaning toward GFI Languard now.
I didn't really try to get PRTG working so I don't have a good idea what the results might look like or the remediation steps, if any, are provided. I rather doubt it.
I got Nessus running but didn't like the results in terms of integrating into remediations. You can find the vulnerabilities, you can find which hosts they apply to manually, you can find some description of the remediations but no automated process for a single host + vulnerabilities.
And, that also means there will not be a windows server available.
I'm leaning toward GFI Languard now.
I didn't really try to get PRTG working so I don't have a good idea what the results might look like or the remediation steps, if any, are provided. I rather doubt it.
I got Nessus running but didn't like the results in terms of integrating into remediations. You can find the vulnerabilities, you can find which hosts they apply to manually, you can find some description of the remediations but no automated process for a single host + vulnerabilities.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I'm rather amazed that there were no better answers or suggestions on EE!
You could still use a WSUS server but you would need to set the WSUS settings manually in the registry to point the computers at the WSUS server.
You'll need to just have a windows server available and install the WSUS role. The PCs will check into this server and report their status and download all updates from that central server.