WSUS Alternatives?

Question

Basic scenario is a PC repair shop where there's a lot of time being essentially wasted downloading/installing Windows updates on individual machines. I had intended to set up an in-house WSUS server to deal with this, but as I got into the install documentation, I found that the WSUS license specifically disallows serving updates to computers that don't belong to your organization.

Since I try rather hard to keep everything legal (even if the license restriction is a bit asinine), I'm trying to find alternatives to WSUS that would allow deploying locally cached Windows updates, preferably over the network, in as automated a manner as possible.

score 6 · Accepted Answer · answered Dec 15 '09 at 16:55

6

The German mag c't once wrote a script called WSUSOffline to apply WSUS updates without internet connection. I never used those but you can find it here http://www.wsusoffline.net/

answered Dec 15 '09 at 16:55

user20285

126
1
2

score 3 · Answer 2 · answered Dec 15 '09 at 17:37

3

At my department we use unattended / unattended-gui for initial Windows installations. Its final act is to setup wpkg, which we use to handle updates, new software, etc.

answered Dec 15 '09 at 17:37

andol

6,848
28
43

score 1 · Answer 3 · answered Dec 15 '09 at 17:06

1

Have a look at wpkg. It takes a bit of work to setup all the xml files but once it's setup you can run it on any windows system without installing a client on it or joining it to a domain which may make it ideal for your situation.

answered Dec 15 '09 at 17:06

3dinfluence

12,409
2
27
41

Chris Driver · Answer 4 · 2009-12-15T17:49:01.440

1

Shavlik's NetChk Protect could be a good option for you. The company has a close relationship with Microsoft and its underlying technology powers Microsofts own Baseline Security Analyzer product. NetChk Protect also supports patching for other vendors products so you may find that useful for stuff like Flash etc.

edited Dec 15 '09 at 17:49

answered Dec 15 '09 at 17:32

Chris Driver

512
1
5
14

score 0 · Answer 5 · answered Mar 08 '11 at 20:46

0

Open source FusionInventory.org based on ocsinventory-ng works with Linux and Mac and Windows and Solaris and HPUX. Cross platform and mature.

answered Mar 08 '11 at 20:46

rjt

568
5
25

score 0 · Answer 6 · answered Mar 08 '11 at 20:54

Try this: http://www.windowsupdatesdownloader.com/ As well, install a simple SQUID (proxy) on the network, download update once, then just adjust the settings in the browser to the proxy and all the content of the updates should be available on the same LAN.

score 0 · Answer 7 · answered Dec 15 '09 at 16:18

This does not answer your question directly, so I apologize in advance.

Perhaps you could setup a caching proxy like Squid to cache all requests to Microsoft URLs for an indefinite period. It wouldn't work as nicely as WSUS, but it might be a solution. Here's a FAQ about it ... might be more of a pain than it's worth.

AdminAlive · Answer 8 · 2009-12-15T17:58:39.643

0

Excellent Patch Management Solution

Have you looked into GFI LANguard? It's freeware for 5 IPs right off the bat, but you can add more by purchasing it. I've used it for a year now and I love it as an alternate to WSUS, because it also scans for vulnerabilities and many other configurations. Check it out.

edited Dec 15 '09 at 17:58

answered Dec 15 '09 at 17:34

AdminAlive

228
1
9

WSUS Alternatives?

8 Answers8

Linked