How to upgrade server on closed network

Question

Hi I have 10 servers behind a firewall where there is only open to known ip numbers or known FQDN But the "FQDNs" for windows update servers do not meet these requirements. WSUS does not work as it consumes to much space and is very unrelible. I have tried to use WAM from AJ tec but it gives up at some point and the server needs to be rebuild (I have done this 3 times over the last 3 years.) The running WSUS has just died and use 0,9TB disk space. What I need is a program that like WSUS recieve the update request and send it to microsoft. But all traffic has to go like a proxy but without setting using netsh winhttp set proxy proxyservername:portnumber As there is a chance it will break internal traffic. So I use WSUS as a kinde of proxy for the moment but do not need the cache funktion. But if I turn of cache function the server tries to go directly to a windows updates server which is prevented du to unknown distination address. So that is not a possibilty. Any ideas are welcome Regards Henning

Answer 1

Hi, I'd be happy to help you out with your question. Sorry for the inconvenience caused. To address your issue, I recommend exploring the following solutions: Consider setting up a proxy server that allows traffic to specific IP addresses or FQDNs for Windows Update servers. This will enable your servers to access the internet while maintaining the necessary security protocols. Microsoft offers offline updates that can be manually downloaded and installed on your servers. This involves downloading the updates on a separate machine with internet access, and then transferring them to your servers via USB or other removable media. If your current version of WSUS is unreliable and consuming too much space, I recommend upgrading to the latest version. The latest version includes improvements that can help reduce the amount of disk space required and improve reliability. If you have any other questions or need assistance with anything, please don't hesitate to let me know. I'm here to help.

If the reply was helpful, please don’t forget to upvote or accept as answer, thank you.

Answer 2

In response to

WSUS does not work as it consumes to much space and is very unrelible. I have tried to use WAM from AJ tec but it gives up at some point and the server needs to be rebuild (I have done this 3 times over the last 3 years.)

I would say that if you're using WAM and it has to be rebuilt, something else is going on that is either a mis-configuration, a mis-management of WSUS, or a combination of both. I've been running my current instance since ~2014 and has gone through 3 in-place OS Upgrades and still purrs like a kitten. I rarely have to do anything to it except for approve the updates a couple times a month to both my test group and then production groups.

I would really love to see a couple of your support tickets with us to see if I could see any possible issue that I could see with WAM's HelpMe output.