Does Windows Server 2012 R2 add any new WSUS features or capabilities?
There are several noteworthy additions to Windows Server Update Services (WSUS) under Windows Server 2012 and later. Server Manager can now control the WSUS Server role so that the role can be added and removed as desired. For example, removing the role from one server and enabling it on a later, more powerful server might be more convenient than performing a live migration or attempting a formal installation on another physical machine.
WSUS now adds 12 PowerShell cmdlets to allow scripting and automation of WSUS tasks. WSUS also now supports hash-based authentication. Matching SHA256 hashes helps ensure that patches and updates are "authentic," undamaged and free of malware, which could devastate an enterprise if infected code were inserted into patches or updates. Finally, WSUS is available in two separate versions: a server version (WSUS) and a client version called Windows Update Agent (WUA). WUA does not depend on WSUS or its features.
Keep in mind that upgrading WSUS -- often accomplished when upgrading a Windows Server OS version -- may require the older version of WSUS first being uninstalled from the target server. Be sure to read the update documentation before proceeding. It is important to review and understand any potential WSUS issues before upgrading the WSUS server.
WSUS features offer IT administrators a versatile platform to manage and automate Microsoft product updates and patches. But just having an update available is not enough to justify the update. Administrators must take the time to test each prospective patch or update in a lab environment and weigh the impact on reliability and performance, looking for unforeseen consequences before making the choice to roll out the new code enterprise wide. Have a backup plan in place as well. If trouble strikes -- such as an incompatibility -- administrators can restore and recover while investigating the root cause of the problem and formulating corrective action.
Dig Deeper on Microsoft Windows Server 2012
Related Q&A from Stephen J. Bigelow
Containers have rapidly come into focus as a popular option for deploying applications, but they have limitations and are fundamentally different ... Continue Reading
ALM and SDLC both cover much of the same ground, such as development, testing and deployment. Where these lifecycle concepts differ is the scope of ... Continue Reading
Eliciting performance requirements from business end users necessitates a clearly defined scope and the right set of questions. Expert Mary Gorman ... Continue Reading