transfering only the newest updates to remote machine

Postby Eaeelil » 04.04.2017, 16:01

Hello there.

We have several machines we have to remotely update that can't access our normal WSUS server or the internet due to politics ... (so much fun isn't it?!). so we are transferring data manually to these machines.

I'm a bit new to WSUS offline, so i wanted to verify this will work before we start investing a lot of time into this procedure.

The basic idea is to simply when we transfer the data over, we keep a local copy of the data on the machines and set it to skip any old files. Theoretically this should allow us to push only the new data to the machine (it took 4-9 hours to push 2.73gb over the pipe we had) and update the machines at a faster rate.

So, by simply running WSUS offline, on the same folder, it should update the files for the newest updates. Then i transfer that folder over to the machines and set to skip overwriting the same files. Thus saving a 4-9 hour upload time. Hoping to get it down to 1-2 hours.

Would this plan work or are there any issues i should be aware of with WSUS offline?

Re: transfering only the newest updates to remote machine

Postby boco » 05.04.2017, 01:23

There are indeed a few things to consider:
1. Making sure you only skip overwriting files that didn't change at all. For example, the directory to copy does not only contain updates, but also WOU supplemental files. Those must be overwritten as they will be updated frequently. Updating the catalog file is an absolute must or the new updates won't be installed!

2. You will lose out on the WOU feature that cleans superseded and no longer used updates. Simply copying new files to the target won't delete those files at the target.

3. You might not be able to use verification since the target directory contents won't always match the created hash sums.

It might be much better using a real sync instead of just copy.
Re: transfering only the newest updates to remote machine

Postby Eaeelil » 05.04.2017, 02:17

We can't use real-sync as due to politics we can't directly connect to any of these machines.
We have to use a 3rd party tool (bomgar) to remote in and transfer files.

So it sounds like we will have to update the file each time, and the wou folder each time ... so could i just overwrite those files, and then leave the rest to skip overwrites? Or would there be more needed?
