Hehe yeah sorry I should have been clearer. I meant the patching of the MS OS and its products due to to their
I've tried SUS but it simply is terrible to configure and works so-so as I have found it. Sometimes I'm not so sure it works at deploying the patches. So I have been looking at the following:
SUS - tried that, it works so so
HFNetchkPro - tired it, works fine but expensive
Updatelink- tried it and its confusing
Sitekeeper - tried it, and its even more confusing.
Ah well I'll look at Patchlink. I'm just looking for easy discovery, efinds the patches it needs, downloads them and patches the machine. Hopefully patchlink is good. I'll try.
Personally I love Patchlink like I said above. It runs an agent on the desktop. Once the agent is installed (which can be pushed out automatically or manually run) it automatically detects the the Patchlink server. On the server you can setup groups of machines to delegate control over, setup baselines, etc. It supports all windows OS's, redhat, solaris, and will also do patches for office, citrix ICA clients, adobe, etc.
Patchlink can also help you create a custom package if you need to deploy it in your environment. But don't treat it like software deployment like SMS (even though it can begin to do it), it is patch management.
Interesting. I've been running SUS for about six months now and it's performed flawlessly. It keeps about 90 systems updated locally, and another 30 across a WAN. Setup was straightforward if you read and follow the whitepaper from MS.
And, like I said, it's free. The version coming out soon will let you keep Office patched as well as other MS apps.
I'm Certifiable, not certified.
It just means my answers are from experience, not a book.
I also have no problems with SUS for 110 computers. I am espically looking forward to WUS, the next version of SUS. SUS's main advantage is it's free. As long as you read on how to set it up properly it shouldnt be hard to get running.
I use SUS for 106 machines w/o any issues. It's a bit hairy to set up if it's your first attempt(like it was for me) but definitely runs flawlessly and it's best selling poin is that it's free! I have noticed that it occasionally misses some patches but those are usually due to my own error.
Hrmm.. maybe its something I should reinvestigate. I used group policy to distribute sus but it wouldn't send out the patches (it did at first but then it stopped), the server itself was still downloading the patches reliably, but the deploy was the hairy part, I mean it worked but then it stopped.
Anyone mind pointing out the whitepaper you all referenced?
Honestly I did not like the SUS server and opted to go for a paid patch management option. We used SUS for about 3 months and never liked the features mainly because it doesn’t have many unless you hack the crap out of it. There was no reporting feature to it and it was not near as easy to back off patches incase of mishap nor was it really that easy to setup PC's to do a certain update and have others ignore it. For instance there may be a patch that you want certain PC's to get but do not want others to get you could not selectively tell what PC's you want to have the patch very easily and it was all or none. I think that WUS is supposed to have a lot of the features that we were initially looking for but unfortunately we could not wait due to regulations that we have to follow so after evaluating several patch management software we thought that Symantec's iPatch had a very good product that had the features already that we needed and wanted.
I suppose the SUS may due some of the things we wanted it to but over looked it but we just found the SUS to be very clunky and not very user friendly for a corporation such as ours. We are required to test ever patch to the fullest extent and document every patch and what they do and SUS was just not for us.
To my knowledge the WUS has not been released yet. They were going to release it last year but put it on hold until mid year this year. I may be wrong but that was the last thing I heard about WUS and never even looked at it again since we purchased the iPatch.
Yeah I just checked and it has been released in beta. I don't do much beta testing and would wait until its released gold before I messed with it much. It should be a lot better product than the SUS server and maybe a few people have already looked at the beta version.
I've installed the public beta of WUS for a number of clients and it is working great. One glitch I have found is that to have it serve servers, you need to manually update the file wuaueng.dll.
To answer the question posted above about using WUS ina non-ad environment, you can not do it. WUS requires AD, though it does not need to be installed on a DC. Only other gotcha on it is make sure when you install it to select to install into a NEW website, otherwise you will hose up your existing web sites.
Once installed, it performs great and is FREE. Like SUS is will continue to be free as well. WUS will nt only patch your OS but also other MS products like Office.
I hope you find this post helpful. Please let me know if it was.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.