cancel
Showing results for 
Search instead for 
Did you mean: 

WSUS - WSAM - Patchmanagement

bratfett_
Occasional Contributor

WSUS - WSAM - Patchmanagement

Hi everyone,
we use Microsoft WSUS for patching Client OS.
We do not deploy all MS Patches to our Clients, we only deploy intern approved Patches ..

This means that the patch version information from the juniper staging site is not helpful, because it includes patches we would never deploy.

To use it togehter with HC for our roadworriers, means to manually edit the item "scan for specific patches" at the IVE, each time we deploy new updates.

I like to avoid these job and use WSUS patch version information somehow within the IVE, as own staging site - is this possible?

Regards

5 REPLIES 5
Kalex_
Contributor

Re: WSUS - WSAM - Patchmanagement

Well, yes: if your road warriors use WSAM or NC you could allow access to your WSUS server. Be aware that this may cause large downloads, so you'd best give them the option to allow download the patches themselves.
JamMan_
Occasional Contributor

Re: WSUS - WSAM - Patchmanagement

You should set up a policy for BITS to control background download speed. No need to have them do it manually.

Kalex_
Contributor

Re: WSUS - WSAM - Patchmanagement

Agreed, BITS can help.

However, you have to take into account that people may use connections with data limits (some xDSL, UMTS, etc.) or expensive data rates (e.g. satellite downstream). In that case, you don't want a full service pack downloading in the background!

archiles1_
Occasional Contributor

Re: WSUS - WSAM - Patchmanagement

hi

can you please direct me to the documentation to configure this..

thanks

zanyterp_
Respected Contributor

Re: WSUS - WSAM - Patchmanagement


@bratfett wrote:

Hi everyone,
we use Microsoft WSUS for patching Client OS.

I like to avoid these job and use WSUS patch version information somehow within the IVE, as own staging site - is this possible?

Regards


It would not be possible to host anything on the IVE or use the IVE checking for this information.

The clients will need to contact your server for updates. This will also require Network Connect for the server-initiated connections associated with a push-based service; this is not possible using WSAM (WSAM is for client-initiated connections only).