"Arhenius" <> wrote in message
news:A95F8677-F9E3-4900-B4CD-...
>I have a question around guidance/documentation around how WSUS should be
> setup for an environment with multiple security zones.
>
> Ie. should I have a WSUS server in each zone
> or
> have one (or number determined by load) WSUS that provides updates to
> multiple zones and if so how do I manage the risk of this server being
> used
> to bridge the zones.
>
> any help will be much appreciated
Security Zones, Sites, Domains, Forests... etc, are all pretty much
irrelevant to WSUS deployment.
What's relevant to WSUS deployment is:
[a] the number of managed clients at each physical location
[b] the available bandwidth between the WSUS server and those physical
location(s)
If a physical location has a significant number of managed systems and an
existing server infrastructure, you should consider deploying a downstream
server in that location.
If a physical location does not have sufficient available bandwidth to
provide at least 5kbit/sec of bandwidth to each managed system during
non-working hours, then you should consider deploying a downstream server in
that location.
If a physical location or organizational group has a significantly different
set of update services requirements than the central site, e.g. language or
product differences, then you should consider deploying a downstream server
to meet the special needs of that location or group.
--
Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2010)
My Blog:
http://onsitechsolutions.spaces.live.com
Microsoft WSUS Website:
http://www.microsoft.com/wsus
My MVP Profile:
http://mvp.support.microsoft.com/pro...awrence.Garvin
Linear Mode
