Hi Chad, We are deploying the full rollups to our infrastructure. My understanding is that each month will have 2 rollups on patch Tuesday. Security only and Security + Quality. The Security only are non-cumulative, the Security + Quality are cumulative. Each third Tuesday will see a "preview" rollup with the quality updates in them that will be included in the next month's Security + Quality rollup. (Obviously, I am only talking about the OS specific rollups here.) We decided to take the approach of going all in, since we have a DEV testing environment. As for ADRs, we don't use them for anything "production" related, but I just started using them to handle downloading and distributing updates out to our infrastructure. This way when my patch admins build their monthly patching cycles, they don't have to worry about downloads and distribution to DPs. One thing to consider with the rollups is, choose one or the other. I only have anecdotal evidence of this, but if you deploy both to collections, it will mess with your compliance reporting. So pick one or the other. In all honesty, unless you have a known reason, I don't know why you wouldn't deploy the full rollups. (Obviously with heavy testing...) The blogs Robert listed earlier are a great primer on the new process.
-Erik On Thu, Oct 13, 2016 at 3:34 PM, Chad Beard <[email protected]> wrote: > Apologies if I’ve missed a previous thread. > > > > > > But what is everyone’s thoughts on the new MS patching procedure and how > are you handling it in ConfigMgr. > > > > Currently we have an ADR setup that scans for Critical and Security’s > released in the last 14 days. > > > > Also wondering how people are utilising the monthly rollup patch that gets > released and if they’re excluding it. > > > > *Chad Beard* > > *Senior Infrastructure Support - (Data Centre)* > > Enterprise Services > > > > > *P*. 0882305155 > > *M*. +61 434 076 370 > > *E*. [email protected] > > > > *Australian Rail Track Corporation* > > 11 Sir Donald Bradman Drive > > Keswick Terminal SA 5035 > > > > *artc.com.au* <http://www.artc.com.au/> > > The information in this email and any attachments to it is confidential to > the intended recipient and may be privileged. Receipt by a person other > than the intended recipient does not waive confidentiality or privilege. > Unless you are the intended recipient, you are not authorised to > disseminate, copy, retain or rely on the whole or any part of this > communication. If you have received this communication in error please > notify ARTC on +61 8 8217 4366. While we have taken various steps to > alert us to the presence of computer viruses we do not guarantee that this > communication is virus free. > > > [image: National Safe Work Month 2016] > <https://extranet.artc.com.au/images/NSWM2016.jpg> > >
