Windows update to DMZ in Azure

Ronnie 21 Reputation points
2021-07-27T10:16:09.97+00:00

Hi all.

I know there are a load of info about updating DMZ server but not seen anything about updating DMZ servers in Azure which does also give me a few more options.

Yes my security team will also not allow hole be punched through our FW so I need to find a few more option as I can't use my SCCM server to patch them.

From what I have found so far these are my options and what to know if anyone has use any of these and what are the pit falls and are there future proof in any of these yes I know nothing is future proof but as much as possible.

Options are: In no particular order
Use Windows Update manual config on each server.
Windows Update for Business.
Azure Update Management.
WSUS Role on one server and other server to point to the WSUS Server.

Not sure if I have missed any other options I can explorer?

Any feedback will be greatly apricated.

Microsoft Configuration Manager Updates
Microsoft Configuration Manager Updates
Microsoft Configuration Manager: An integrated solution for for managing large groups of personal computers and servers.Updates: Broadly released fixes addressing specific issue(s) or related bug(s). Updates may also include new or modified features (i.e. changing default behavior).
1,043 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Jason Sandys 31,291 Reputation points Microsoft Employee
    2021-07-27T14:01:23.637+00:00

    WUfB doesn't do servers.

    Have you considered placing a site system in the DMZ and then only allowing traffic between it and the necessary internal resources?

    Another option is to use a CMG. This would mean issuing certs to these systems, but it would work.

    1 person found this answer helpful.
    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.