Usages of "allow downloads from other pcs" option / in corporate environment and WSUS (SOHO)

Question

Usages of "allow downloads from other pcs" option / in corporate environment and WSUS (SOHO)

Gio Gogilashvili 0

Hello, Is "allow downloads from other pcs" option necessary to be on in corporate environment when we use WSUS to push updates? We have WSUS and we push updates from the server, but by default the option "allow downloads from other pcs" in windows in enabled, should I disable this option? Then, will it cause slow network operations or better performace? Our internal website becomes very slow ufter pushing updates from WSUS, (this can be network bandwidth fault or other problem) (and "allow downloads from other pcs" option was enabled by default in this case and wonder if it is better be on or off in our case) I don't know if generally you must configure GPO in corporate environment to disable "allow downloads from other pcs" option if you use WSUS. As Microsoft says: "Sharing this data between PCs helps reduce the internet bandwidth that’s needed to keep more than one device up to date or can make downloads more successful if you have a limited or unreliable Internet connection." Thanks

1 answer

Your answer

Answer 1

Adam J. Marshall 10,356

First, WSUS NEVER pushes updates. WSUS is a pull system. You approve an update, it sits in the repository until the client agent pulls the update to itself. You "use WSUS to distribute updates" is a more correct way of saying it.

I would recommend that you CONTINUE to use it.

https://www.ajtek.ca/wsus/how-to-setup-manage-and-maintain-wsus-part-4-creating-your-gpos-for-an-inheritance-setup/

It does not cause problems and always starts with the WSUS server download initiation first, then it moves to 'hey, does anyone here have this file I can download from you?'.

The issue with your internal website becoming very slow would have a different reason. Is it housed on the same server as WSUS? If yes, then you're saturating the Ethernet line with traffic from both websites - your internal website and the WSUS Administration website. Allowing DO to properly fetch updates from peers would actually be a benefit in this case.

Gio Gogilashvili 0 Reputation points

2024-02-02T11:57:12.4566667+00:00

Hi, thanks for reply. No, it's on different servers. I guess it's bandwidth no enough, we have 40mb/s internet and around 100 users and when WSUS pulls updates and then all the laptops get it, there must be bandwidth not enough...

and As Microsoft says: "Sharing this data between PCs helps reduce the internet bandwidth that’s needed to keep more than one device up to date or can make downloads more successful if you have a limited or unreliable Internet connection." so I guess that feature must be on, in that case we get better network performance, as the laptops "update" each other peer2peer...
Adam J. Marshall 10,356 Reputation points

2024-02-02T15:46:59.3+00:00

Is the issue when you APPROVE the update on the WSUS Server so that it starts downloading from Microsoft and that causes your issue, or is it when it is now downloaded to the WSUS server and laptops are checking in and then pulling the data to their systems? Are the laptops local or are they remote connected via VPN?
Gio Gogilashvili 0 Reputation points

2024-02-05T08:57:37.87+00:00

You know, actually as I mentioned, almost every laptop had alreadu downloadad the updates, then just needed restart to finish installing them, I think 90% were downloaded already in laptops but the internet (and our internal website) still was very slow. after installing them and restarting most of laptops the issue was then fixed.

Share via

Usages of "allow downloads from other pcs" option / in corporate environment and WSUS (SOHO)

1 answer

Your answer