Windows Server Update Services (WSUS): Everything you need to know
What is Windows Server Update Services (WSUS)?
WSUS stands for Windows Server Update Services. It is a free application from Microsoft that makes it possible to deploy and manage the latest product updates and patches from Microsoft. IT administrators can easily and effectively manage the distribution of updates and patches.
WSUS server: What is it used for?
With WSUS server, it is possible to manage and distribute updates through a management console. A WSUS server can act as an update source for other WSUS servers in your company. When deploying WSUS, at least one WSUS server must be connected to Microsoft Update over your network for the available update information. WSUS allows bandwidth management and optimization of network resources. WSUS downloads updates and downloads automatically. In addition, administrators can direct the download of updates to the desired computer(s).
WSUS Offline Update Tool
WSUS Offline Update Tool is a very handy program that allows updates to be downloaded on computers with internet connection. This allows all necessary updates to be packaged and offered in such a way that it can be installed via an offline media. With WSUS Offline it is possible to update outdated Windows computers with the latest updates and patches. This can be done through a VM (virtual machine).
Windows Server Update Services ports
WSUS server uses ports 80 and 443 for the HTTP and HTTPS protocols. Port 8530 is used for TCP protocols.
Windows PowerShell in WSUS
Windows PowerShell can be used to automate activities. They do need coverage through command-line automation for this. Automating these activities makes management easier and less time consuming. Using Windows PowerShell in WSUS increases productivity, improves the learning curve for new tools and reduces errors.
Windows 7, 8-1 and 10 with WSUS
WSUS facilitates the process of updating Windows 7, 8-1 and 10. It is important that the WSUS server contains the latest updates, otherwise the updates for the Windows programs will fail. To verify that WSUS contains the correct server version, follow these steps:
- Open WSUS console
- Click on the name of the server
- Click “Overview”, then Connection and then Server version.
- Check if it is version 3.2.7600.283 or later.
Windows Server Update Services (WSUS) best practices
To keep the performance of WSUS optimal, it is best to take the following into account:
A server can support up to 100,000 clients. For optimal performance, it is smart to keep the number of clients far from the maximum. When you are approaching the maximum, then it is smart to configure 2 to 4 servers that share the same SQL Server database.
Recycle and Memory Limits
When WSUS implements an internal cache of update metadata from the database, it consumes a lot of memory. When private and virtual memory is exceeded, the WSUSPool is recycled. The cache is then deleted and rebuilt.
The WSUS compression type uses the Xpress code language. Enable this compression to save bandwidth.
Configure products and categories
When configuring, choose only products and categories that you want to deploy. This saves you on the amount of metadata.
Disable unnecessary updates
Disabling unnecessary updates will save memory and improve the overall performance of WSUS.
Reject outdated updates
This is the most common problem with WSUS performance issues. By refusing obsolete updates and performing maintenance, WSUS will perform a lot better than if these updates are allowed.
Configure antivirus exclusions
By preventing viruses, the performance of WSUS will be maintained.
Using Windows Powershell makes management easier and more effective.
Do you have questions? Contact us!
For more information about which Microsoft software and licenses are best for you, please contact us. We are available from Monday to Friday from 9 a.m. to 5 p.m.