Is there a way to setup an update cache server that can deliver to any device in a big network ANY microsoft products, including xbox, windows 10 and 365 products?

Erandipiti 1

I have a big network with lots of different households connected, and would like to cache all the updates that come through the internet so we don't have to use the bandwidth 5 times for the same update.
That includes Xbox and any microsoft products, it also needs to be transparent for the user since I wont have access to their devices.

Rita Hu -MSFT 9,626 Reputation points

2021-06-25T02:24:20.143+00:00

@Erandipiti
Thanks for your posting on Q&A.

There are several methods which we could try to deploy updates for clients. Please review this link to choose one of the methods to depoy updates.

In addition, please review this link to deploy WSUS server if you want to deploy updates by WSUS server.

Hope the above will be helpful. Please keep us in touch if you have any questions.

Regards,
Rita
Erandipiti 1 Reputation point

2021-06-25T15:59:05.347+00:00

But that seems to work only if you configure something in the clients devices.

I'm not looking for that

What I want is just to have a server where the updates that go through the network are saved so next client that needs it can download it from the server instead of going all the way back to microsoft servers.

I'm not a network manager, more like an ISP
Rita Hu -MSFT 9,626 Reputation points

2021-06-29T01:57:00.487+00:00

But that seems to work only if you configure something in the clients devices.
Yes, that's right.

What I want is just to have a server where the updates that go through the network are saved so next client that needs it can download it from the server instead of going all the way back to microsoft servers.
In my opinion, we have to create a server which could help us to download and deploy the require updates for the clients. As I mentioned above, we could create a WSUS server or SCCM Server to download the required updates in the internal.

In addition, here are several links for your reference:
https://learn.microsoft.com/en-us/mem/configmgr/core/get-started/set-up-your-lab
https://learn.microsoft.com/en-us/windows-server/administration/windows-server-update-services/deploy/deploy-windows-server-update-services

Hope the above will be helpful :)
Ch. Sennhauser 6 Reputation points

2022-05-03T07:30:14.09+00:00

Maybe WSUS with BranchCache?
Does anyone have experience with it?

Regards
Christian

3 answers

Philippe Levesque 5,681 Reputation points MVP

2021-06-29T02:05:33.923+00:00

Hi Erandipiti-67711

No as these products are not designed to receive update from another source, unlike a Windows OS with WSUS or BranchCache in example.

Let me explain the basic security restrain that block you or such try; In the SSL handshake the device use to make to connect to an upstream server to update, it validate it's certificate to be sure it's a secure update server. It's done as it's a common strategy virus/malware used to do in the past to try to redirect the update source.

Redirecting the connection to a reverse proxy but on your side, will make the device connect to you, but the certificate would not be the one from the original source, as you dont have the original private key and can't use the same certificate key pair, thus it break the chain in your case.

Thanks

Philippe
Please sign in to rate this answer.

0 comments No comments
Sign in to comment
Ayokas 1 Reputation point

2022-04-27T05:45:56.753+00:00

You can use the LanCache applications. Although created for LAN parties and game launchers in mind they also cache Windows Updates.
So when the first client loaded the data the second one should be served by the local server instead: https://lancache.net/docs/containers/monolithic/

However, I didn't try it myself yet.
Please sign in to rate this answer.
Martin Hansen 1 Reputation point

2022-09-14T20:57:33.567+00:00

Thanks for mentioning the LanCache solution!

I knew of it, but did not consider it as a solution to my volunteer job where we have a lab for deploying windows laptops for flying out to emergency services.
These devices need to be reinstalled if not outright disposed of upon return, and trying to set up other caching solutions has so far been time wasters.

The official Microsoft Server based solutions as are not possible as these devices and the lab's budget are not allowed to have anything to do with the rest of the organizations IT branch.
Sign in to comment
Ch. Sennhauser 6 Reputation points

2022-05-03T07:31:19.333+00:00

Maybe WSUS with BranchCache?
Does anyone have experience with it?

Regards
Christian
Please sign in to rate this answer.

0 comments No comments
Sign in to comment