Introduction to SUS

In order to maintain a secure network, it is critical to keep systems up to date with security patches. Since 1998, Microsoft has provided Windows Update as a Web-based source of information and downloads. With Windows XP and Windows 2000 Service Pack 3, Microsoft added Automatic Updates, whereby a system automatically connects to Windows Update and downloads any new, patches or fixes.

Use the buttons below to navigate through the lesson


Although automatic updates is convenient for most users it can cause a few problems on networks. These include increased internet usage and the possibility of a patch damaging data or breaking an application. To overcome this, Microsoft released Software Update Services (SUS) which allows a computer to act as a Windows Update Server. All client machines on the network will obtain updates from the SUS server.

Updates are automatically downloaded to the SUS server on a set schedule and then the administrator can approve which updates can be installed. As long as the administrator tests each update then applications and data on the network will not be compromised.

WSUS Server is included in Windows Server 2008, updates for this service can be obtained from the Microsoft Web Site. SUS works in conjunction with the IIS service and all administration is done through a Web Browser. SUS can be installed on a machine with Windows Server 2008, Server 2003 or Windows 2000 Server SP2. The client component of SUS is Windows Automatic Updates, which is supported see table below.

The client can also be downloaded separately from Microsoft’s Website