WSUS – A how to guide for a basic configuration of WSUS Server 2012
What is Wsus?
WSUS – stands for Windows Server Update Services. It is a server role that enables you as the Administrator to handle updates and patches/hotfixes on your domain for windows server operating systems as well related applications by Microsoft.
Note – If you host a WSUS server onsite be aware that each user accessing that WSUS Server through Active directory needs to have a Client Access License.
So how does it Work?
Well you can configure updates to download from the Microsoft servers directly through your internet connectivity.
You can also download from other WSUS Servers on your network, these are called upstream servers.
You can also manually download and import them to your server.
Note – Never install the WSUS role on a domain controller this will cause access issues with the database.
The Diagram below is a basic idea of how it works, there are a lot of variations of design and implementation but this will give you a brief overview.
Your WSUS server will download the Updates from the Microsoft server and store them locally, Instead of the clients accessing Microsoft updates on the internet they will first look on the internal network. This will be configured via Group Policy as shown later in the Guide.
What are the benefits of Using a WSUS Server?
- First of all a central repository to download all the updates.
- Frees up valuable resources, your client computers will now access the internal network instead of accessing the internet to download the latest patches. Just think how much bandwidth that will save.
- Tighter control on what updates and patches/hotfixes you download.
- Reporting to show who has updates installed, who does not etc.