I'm looking for alternatives to WSUS since it's been marked as deprecated. I need options for On-Premises Windows updates and patch management because my customer operates on a strictly closed network. I am not considering any cloud-based solutions like SCCM, MECM, or Intune. What can you recommend for managing updates in such an environment?
5 Answers
Consider BigFix or Qualys for your environment, especially if you want something that can operate without direct internet access. They both work well for closed networks, but keep in mind you will need to download patches from the internet and transfer them manually.
If you're looking for a solid, non-cloud solution, I've had success with scripting PowerShell to roll out updates directly. You can check the OS version, available servicing stacks, and use wusa.exe during a system shutdown to install everything without any third-party tools.
WSUS is deprecated but won’t be going away for a while, so you can keep using it with no major concerns for the next few years. Just keep in mind that it won't be receiving new features anymore. Also, if you're using SCCM, remember that it relies on WSUS for updates.
We switched to PDQ Deploy and it's been working well for us. It’s specifically designed for On-Prem setups and allows for easy distribution and tracking of Windows updates, which seems to fit your needs well.
We've transitioned to CW Automate for managing updates across our 5000+ endpoints. It has its quirks, but it's more manageable than WSUS. We’re also using it for upgrading from Windows 10 to 11 and have been quite satisfied overall.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures