- by Jon Pentecost
How do you update your Windows Servers and workstations (you do update regularly, right)?
With all of the available options for automatically updating Windows Operating Systems, there shouldn’t be any reason you don’t have systems that are up-to-date. Just a couple of the available options are 1.) the built-in Windows Update that all recent Microsoft OSes have and 2.) installing and configuring Windows Software Update Services (WSUS) on a server in a network environment.
Windows Update is a built-in feature of all recent Microsoft OSes that can assist you with automatically updating your Windows Operating System. It has three options for updates: informing you that updates are available and letting you choose when to download and install them, downloading the updates and informing you they are ready for installation, or configuring a frequency and time to automatically download and install updates.
Windows Update can also be updated to Microsoft Update, which includes updates to other Microsoft products other than only the Operating System (such as Microsoft Office). This update is a simple process to add to your OS (depending on the Microsoft OS you have will dictate how you add this functionality to Windows Update) and will then include updates to most Microsoft products installed on your system, along with updates to the main system.
WSUS is more involved than using the built-in Windows Update, but once it is setup and configured, there is not much maintenance necessary to continue to keep your systems fully patched. WSUS is a separate download for Windows Server 2003 but is now included as an additional feature to Server 2008 that you can add, if you wish. Once WSUS is installed on a server, you can then have servers and workstations connect to the WSUS implementation a number of ways. The most popular (and in my opinion, the best way) is to setup a Group Policy Object (GPO) that connects all workstations to one or more configurations for deploying updates automatically and having servers connect to another GPO that allows you to manually initiate the updates.
One of the biggest benefits of using WSUS is that all workstations and servers connect to a single location within the network environment that already have all the necessary updates downloaded (which can be scheduled for off-hours, by the way), rather than having to individually connect to the Microsoft Update servers through the Internet and download the necessary updates on every computer. Another great benefit is that from one console, you are able to view each of the systems in the environment and know the current patches that are installed and those that are needed on any particular update or patch, rather than needing to go to each machine and run Windows/Microsoft Update manually to see if updates are needed.
A third option for keeping your systems fully patched and updated is to use Trigon Technology as your IT Support Company. With our Pinnacle Care Managed Services, we use additional software that manages the update process on each and every system in your environment that can be customized for any need on any machine. In addition to updates, we proactively monitor all systems and can send alerts if a particular computer or even a certain service on a machine becomes unavailable. So, if you would like to be sure your network environment is updated without the need for setting configurations on each computer or going through all of the setup and configuration of WSUS, contact Trigon Technology and ask about our IT Services that can keep your systems up-to-date for you and allow you to focus on what is most important to you: your business.