Software Update Services
   HOME

TheInfoList



Click Here for Items Related To - Software Update Services
OR:
Software Update Services on:   [Wikipedia]   [Google]   [Amazon]

Windows Server Update Services (WSUS), previously known as Software Update Services (SUS), is a computer program and
network service In computer networking, a network service is an application running at the network application layer and above, that provides data storage, manipulation, presentation, communication or other capability which is often implemented using a client†...
developed by Microsoft Corporation that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers in a corporate environment. WSUS downloads these updates from the
Microsoft Update Windows Update is a Microsoft service for the Windows 9x and Windows NT families of operating system, which automates downloading and installing Microsoft Windows software updates over the Internet. The service delivers software updates for Win ...
website and then distributes them to computers on a network. WSUS is an integral component of Windows Server.


History

The first version of WSUS was known as Software Update Services (SUS). At first, it only delivered hotfixes and patches for Microsoft operating systems. SUS ran on a Windows Server operating system and downloaded updates for the specified versions of Windows from the remote Windows Update site which is operated by Microsoft. Clients could then download updates from this internal server, rather than connecting directly to Windows Update. Support for SUS by Microsoft was originally planned to end on 6 December 2006, but based on user feedback, the date was extended to 10 July 2007. WSUS builds on SUS by expanding the range of software it can update. The WSUS infrastructure allows automatic downloads of updates, hotfixes,
service pack In computing, a service pack comprises a collection of updates, fixes, or enhancements to a software program delivered in the form of a single installable package. Companies often release a service pack when the number of individual patches to a ...
s,
device driver In computing, a device driver is a computer program that operates or controls a particular type of device that is attached to a computer or automaton. A driver provides a software interface to hardware devices, enabling operating systems and ot ...
s and feature packs to clients in an organization from a central server or servers.


Operation

Windows Server Update Services 2.0 and above operate on a
repository Repository may refer to: Archives and online databases * Content repository, a database with an associated set of data management tools, allowing application-independent access to the content * Disciplinary repository (or subject repository), an ...
of update packages from Microsoft. It allows administrators to approve or decline updates before release, to force updates to install by a given date, and to produce extensive reports on which updates each machine requires. System administrators can also configure WSUS to approve certain classes of updates automatically (critical updates, security updates, service packs, drivers, etc.). One can also approve updates for ''detection'' only, allowing an administrator to see which machines will require a given update without also installing that update. WSUS may be used to update computers on a
disconnected network An air gap, air wall, air gapping or disconnected network is a network security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecured networks, such as the public Internet or an un ...
. This requires exporting patch data from a WSUS server connected to the internet and, using removable media, importing to a WSUS server set up on the disconnected network. Administrators can use WSUS with Group Policy for client-side configuration of the
Automatic Updates Automatic may refer to: Music Bands * Automatic (band), Australian rock band * Automatic (American band), American rock band * The Automatic, a Welsh alternative rock band Albums * ''Automatic'' (Jack Bruce album), a 1983 electronic roc ...
client, ensuring that end-users can't disable or circumvent corporate update policies. WSUS does not require the use of Active Directory; client configuration can also be applied by
Local Group Policy Group Policy is a feature of the Microsoft Windows NT family of operating systems (including Windows 7, Windows 8.1, Windows 10, Windows 11, and Windows Server 2003+) that controls the working environment of user accounts and computer accounts. G ...
or by modifying the Windows registry. WSUS uses
.NET Framework The .NET Framework (pronounced as "''dot net"'') is a proprietary software framework developed by Microsoft that runs primarily on Microsoft Windows. It was the predominant implementation of the Common Language Infrastructure (CLI) until bein ...
, Microsoft Management Console and Internet Information Services. WSUS 3.0 uses either SQL Server Express or
Windows Internal Database Windows Internal Database (codenamed WYukon, sometimes referred to as SQL Server Embedded Edition) is a variant of SQL Server Express 2005–2014 that is included with Windows Server 2008 (SQL 2005), Windows Server 2008 R2 (SQL 2005), Windows Server ...
as its database engine, whereas WSUS 2.0 uses WMSDE.
System Center Configuration Manager Microsoft Endpoint Configuration Manager, formerly System Center Configuration Manager and Systems Management Server (SMS) is a systems management software product developed by Microsoft for managing large groups of computers providing remote cont ...
(SCCM) interoperates with WSUS and can import third party security updates into the product.


Licensing

WSUS is a feature of the Windows Server product and therefore requires a valid Windows Server
license A license (or licence) is an official permission or permit to do, use, or own something (as well as the document of that permission or permit). A license is granted by a party (licensor) to another party (licensee) as an element of an agreeme ...
for the machine hosting the service. The fact that user workstations authenticate themselves on the WSUS service to retrieve their updates makes it necessary to acquire a fileserver client access license (CAL) for each workstation connecting to the WSUS service. Fileserver CAL for WSUS is the same CAL as the one required for connecting to a Microsoft Active Directory, fileserver and printserver, and has to be acquired once for a device or a user. WSUS is often considered as a free product because fileserver CAL are already paid for in an enterprise network that has a Microsoft Active Directory and thus do not need to be acquired again. In a network using
Samba Samba (), also known as samba urbano carioca (''urban Carioca samba'') or simply samba carioca (''Carioca samba''), is a Brazilian music genre that originated in the Afro-Brazilian communities of Rio de Janeiro in the early 20th century. Havin ...
Active Directory, it is not necessary to purchase CALs to connect to the domain controller or connect to a Samba file server. However, the use of a WSUS server will still require the purchase of client access licenses for all Windows workstations that will connect to the WSUS server.


Version history


References


External links

* on Microsoft Docs {{Windows Components Windows Server Microsoft server technology Patch utilities