I manage a network of about 1200 workstations and about 200 or so servers. We have migrated away from McAfee in favor of System Center Endpoint Protection for our corporate Anti-Malware solution. Currently, the policy is set to update directly from Microsoft, but I would like to trim the amount of traffic on our external WAN, so I would like to set our SCCM server as the definitions update source.
Currently, we're using WSUS to keep our workstations patched, and I would like to continue using that, as I don't like the way SCCM does patch management. However, where WSUS fails in this regard is that virus defs will not update via WSUS if the user is pending a reboot from a previous round of updates (we do not force reboots around here).
Therefore, I would like SCCM to push out virus defs daily via an automatic deployment rule, but rely on WSUS for everything else. If I enable the Software Update Point role on the SCCM server, will it break existing WSUS functionality?