Off-Line WSUS Defender Update Definitions

Question

Is there any way to get weekly Defender Update Definitions into an off-line WSUS server 2019 to be available to computers attached to the network?

The monthly off-line patches and definitions work fine, but I need to update defender weekly through WSUS. I don't want to manually install every workstation and server.

Thanks,

Ken

Answer 1

Thanks for the response: Note: The server and domain are both completely isolated from the outside world. (Classified environment). I have no other WSUS server to sync.

I was looking for a solution to download just the defender definitions/updates and somehow import them into the off-line WSUS. Is that possible?

I download the WsusContent and metadata from my unclassified computer to Blu-Ray each month and import the Blu-ray into the off-line classified WSUS server.

All the articles I have found all talk about and assume the WSUS box is on-line connected to Microsoft. The off-line articles all talk about getting the monthly metadata, but they don't talk about weekly defender updates. Any suggestions!!

Answer 2

@Kendall Layman
Thanks for your posting on Q&A.

I found a useful article from MS. Perhaps you have missed this. So I would like to share with you and hope the link will be helpful.
https://learn.microsoft.com/en-us/troubleshoot/mem/configmgr/deploy-definition-updates-using-wsus

According to your comments above, the WSUS role is offline and could not connect to the Internet. In my opinion, we could sync the Windows Defender definition updates on the Online WSUS server and import into the Offline WSUS server. Then we could add a new Automatic Approvals Rule and approve the Needed updates automatically.

Please feel free to inform me if you have any questions of the case. Hope the above will be helpful.

Thanks for your time.

Regards,
Rita

---

If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Answer 3

@Kendall Layman
Thanks for your feedback.

Here are my ideas and I would like to share with you. Hope the below comments will be helpful.

I was looking for a solution to download just the defender definitions/updates and somehow import them into the off-line WSUS. Is that possible?
It doesn't matter what the actual update are, the weekly defender updates or the monthly security updates. The Official Recommended method is to build two WSUS server. One is online and try to sync the metadata and download the update files, the other is offline and deploy the Needed updates for the isolated clients. We have to export metadata and update files from the Online WSUS server and import into the Offline WSUS server. We could refer to this link to deploy. The article is old but it is suitable either. We could refer this link to deploy the updates.

Of course, we could enable the Automatic Approval to approve the Needed updates automatically on the Offline WSUS.

Thanks for your time and have a great day.

Regards,
Rita

---

If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.