Does Windows Server 2012 R2 add any new WSUS features or capabilities?
There are several noteworthy additions to Windows Server Update Services (WSUS) under Windows Server 2012 and later. Server Manager can now control the WSUS Server role so that the role can be added and removed as desired. For example, removing the role from one server and enabling it on a later, more powerful server might be more convenient than performing a live migration or attempting a formal installation on another physical machine.
WSUS now adds 12 PowerShell cmdlets to allow scripting and automation of WSUS tasks. WSUS also now supports hash-based authentication. Matching SHA256 hashes helps ensure that patches and updates are "authentic," undamaged and free of malware, which could devastate an enterprise if infected code were inserted into patches or updates. Finally, WSUS is available in two separate versions: a server version (WSUS) and a client version called Windows Update Agent (WUA). WUA does not depend on WSUS or its features.
Keep in mind that upgrading WSUS -- often accomplished when upgrading a Windows Server OS version -- may require the older version of WSUS first being uninstalled from the target server. Be sure to read the update documentation before proceeding. It is important to review and understand any potential WSUS issues before upgrading the WSUS server.
WSUS features offer IT administrators a versatile platform to manage and automate Microsoft product updates and patches. But just having an update available is not enough to justify the update. Administrators must take the time to test each prospective patch or update in a lab environment and weigh the impact on reliability and performance, looking for unforeseen consequences before making the choice to roll out the new code enterprise wide. Have a backup plan in place as well. If trouble strikes -- such as an incompatibility -- administrators can restore and recover while investigating the root cause of the problem and formulating corrective action.
Dig Deeper on Microsoft Windows Server 8 Administration
Related Q&A from Stephen J. Bigelow
Administrators in charge of keeping antivirus software up to date have a few options to protect their servers. Learn about the methods and services ... Continue Reading
The Office Insider program can benefit organizations that want as much lead time as possible to see what new features Microsoft plans to release for ... Continue Reading
Microsoft offers Windows Defender Antivirus as its native tool to prevent malware attacks. Discover how it works and what advanced protections it ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.