Question: Alternatives to Windows Update as a WSUS client?
I recently started to play around with Microsoft WSUS (Windows Server Update Services) - it does exactly what I need - with our 50+ machines, running updates really bogged down our pipe; having a local update server is a novel idea!
One thing that sucks is the client aspect of it. From the reading that I have done, it looks like the built-in Automatic Update Manager has to be used and is configured via either Domain Policy or Registry. This seems really backwards to me... Having it scheduled and automated is a good option, but I would like a client that has an "Update Now" button that I can push or a local website that I can go to instead of windowsupdate.microsoft.com...
Are there any 3rd-party clients that will let me do this? Or is the Automatic Update Manager the only way that I can update my machines?
Answer: Alternatives to Windows Update as a WSUS client?
I would suggest that Microsoft didn't do altogether totally crappy with WSUS (I wish they'd kept the original name, Windows Update Services - WUS - hehe) and when you're talking about wanting to make sure all the computers in your environment are patched with at minimum all the critical vulnerability patches that don't break too much, you need something that you don't rely on Joe User to click an icon to initiate updates.
I always thought of their BITS / Automatic Updates process as a bit of a vulnerability, especially if you leave it configured to get updates from the Microsoft site - but the concept of WUS and the update client process isn't too far from the concept behind other patch management tools like Patchlink. You want central control and the ability to push priority updates immediately. Problem with WSUS is you have to make damn sure the patches you approve won't break functionality or cause more problems than they are meant to fix.
Too many folx just put WSUS in place and auto-accept all critical updates, damn the torpedoes - and that's because companies don't want to pay the bucks to have a patch-management guru team with a bunch of hardware and software and people resources tied up in testing all the patches before they get approved - it doesn't add to the bottom line to do it "right." You'd have to at least dedicate one guy to reading the bulletins for each patch, to at least determine whether the vulnerability it's supposed to fix applies to your environment before taking the risk of breaking critical apps.
If you're that big that your company's IT staff can justify a patch testing and approval team, you'd probably have a much better tool than WSUS anyway - like Patchlink.