dwtuggleMemberJul 11, 2011 at 1:36 pm #155438
I have a fully functioning WSUS environment. It is being deployed via a GPO and works as expected (for the most part).
I’m wondering what the “best practice” is for my environment. Here is a high level overview.
ATT fully meshed MPLS network using Class of Service so I can give SUS traffic low priority. Right now, I have PC checking updates from SUS server, and then going out to the Internet to pull them down. The problem is that although I have some QOS operational, sometimes we have machine that will d/l updates through the day and it kills the internet pipe at that location. Some people say to just let clients d/l from the SUS server, but then we run into perhaps killing the connection at our corporate office.
So, my main question is: can I tell machines to ONLY download their updates from say: 6PM to 6AM? I do not see how to force the time in which they download, only when they install. I think the problem is that if a machine is powered off when they are supposed to install (currently 1:am) then when the user comes in the next morning and powers up, it tries to pull down the new updates and kills the circuit. Obviously I need to work more with ATT on our Class of Service, but is there a way to STOP all downloads of windows updates at a particular time? I just don’t see it!
Because I am new. I cannot post the link to my screenshot of the GPO within the post so here is the link:
http (colon) // www dot mercersoccer dot net / images/WSUS.gif
In the screenshot above… We are: Set to 4 “Auto download and schedule the install” under Configure Automatic Updates.
Thanks. I can answer more questions moving forward. I hate for my initial post to be too long.
You must be logged in to reply to this topic.