With Windows Server Update Services (WSUS), Windows updates can be provided and distributed locally via your own network and your own Windows servers. The updates are decoupled from regular Windows updates. This offers extensive management and control options for various clients.
What is WSUS?
The abbreviation WSUS stands for Windows Server Update Services. It is a software component for Windows servers that can be used to provide and install Windows updates separately from Microsoft’s regular update service. Thanks to WSUS, administrators can determine which clients are to be supplied with which updates at a specific time. Extensive control and administration options are available.
Group policies are used to instruct clients to obtain their updates from the WSUS server. Clients then automatically connect to the server and receive the updates specified by the administrator. All client and update information is stored in a database on the server.
The use of Windows Server Update Services reduces the bandwidth requirements on the Internet connection by providing the updates locally. Windows Server Update Services can be used for operating systems such as Windows 7, 8, or 10 and Windows Server 2012, 2012 R2, or 2016.
How Windows Server Update Services work
In principle, the Windows Server Update Services work client-server based. A Windows server provides the updates. Clients connect to the server via the network and download the software provided for them. In addition to the WSUS software component, a Windows or SQL database is required on the server. It does not necessarily have to be installed on the same server.
The database stores information about available updates as well as all client reports. The WSUS server itself gets its updates from a regular Windows update server.
So that the clients do not get their updates from the regular Windows update server, but from the local update server, they have to be configured accordingly. In principle, it is possible to operate several WSUS servers. In this case, so-called downstream servers obtain the updates from a higher-level server. For the configuration of the superordinate update-source server name and port must be deposited on the downstream servers.
Advantages of using Windows Server Update Services
The use of Windows Server Update Services offers a company numerous advantages. The administrator centrally assigns updates to clients or client groups.
Possible problematic updates can be tested extensively in advance. Only when it has been ensured that the updates are suitable for specific clients and do not cause incompatibilities or malfunctions, are they allocated to the clients. Deadlines can be configured for critical updates that need to be distributed quickly for security reasons.
All updates are downloaded by the WSUS server only once from the Microsoft servers and then distributed locally. The bandwidth requirement on the Internet line is reduced.
By using multiple WSUS servers, an efficient hierarchical structure for the distribution of updated software can be realized. Another advantage of Windows Server Update Services is that all update-relevant data is stored in the WSUS database and can be accessed centrally.