How It Works
Behind the scenes, WUS includes a built-in Microsoft Data Engine (MSDE)—based database, but larger enterprises can use SQL Server for better performance. This database, called the WUS Catalog, connects to Windows Update, captures metadata about available patches, and stores the information locally. The metadata describes each patch, explains which systems it applies to, describes its dependencies, and provides other useful information. Locally, administrators can schedule patch deployment, test patches before deploying, and determine which systems should receive patches first.
Windows clients in the network are configured to go to the local WUS database rather than to global Windows Update servers. Clients accessing the WUS Catalog pull metadata, perform a scan against the system, and report back to WUS about which patches they need. "It's a basic pull architecture," Steve Anderson, director of marketing for Windows Server, said. "It tells the server, 'Here's what I need.'"
And on Windows XP Service Pack 2 (SP2) systems, WUS supports a new feature called install on shutdown. This feature lets Windows systems automatically install reboot-required patches as the system shuts down, ensuring that work isn't interrupted and the system reboots into a patched state.
Recommendations
Unless you're already using SMS or a third-party patch-management solution, you should evaluate WUS as soon as it's publicly available. Microsoft will ship beta versions of the product this summer and release the final version sometime in the fall. By that time, the company's overhauled patch-management infrastructure will be in place, and all of its patch-management tools will be working through a common back end as well. If you've been struggling with confusing, contradictory, and incomplete patch management on your Windows systems, rejoice. If Microsoft gets this release right—and early indications are that it will—your patch-management nightmare could be ending.
End of Article
Eliseo April 01, 2004