Not exactly... my SUS server downloads each new patch to it's own hard drive. Then I test the patches with my "beta" group, and assuming all is well, make them available to the rest of the machines.
My workstations never converse, either directly or through proxy, to the Windows Update servers. Only one machine ever does that, the SUS server. Has your experience been different? Glenn Sullivan, MCSE+I MCDBA David Clark Company Inc. -----Original Message----- From: Jason Coombs [mailto:[EMAIL PROTECTED] Sent: Thursday, March 13, 2003 2:38 PM To: Jed Needle; [EMAIL PROTECTED] Subject: RE: Critical/Security Updates as well as other Patch Management SUS is nothing more than a filter for windowsupdate.com that tells managed boxes not to allow windowsupdate.com to install anything other than the subset of updates approved by the SUS administrator. Each Windows box still uses Windows update directly, so all vulnerabilities that impact Windows update and the client-side code that talks to windowsupdate.com are still present when SUS is used. Jason Coombs [EMAIL PROTECTED] -----Original Message----- From: Jed Needle [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 11, 2003 12:24 PM To: [EMAIL PROTECTED] Subject: RE: Critical/Security Updates as well as other Patch Management On Microsoft platforms there is a patch management util called SUS "software update service?? (I think) Once configured, the server will automatically download relevant patches, you then point the clients to the sus server and push updates to clients that way. Jed
