Register now or log in to join your professional community.
SCCM 2012 & WSUS
SCCM has a system role called Software Update Point (SUP). This role has to be installed on WSUS server. When it is set, SCCM can manage updates catalog and binaries to make updates packages. Such as WSUS, packages can be created regarding to classification, products, languages of the update (this is not an exhaustive list). Once these updates packages is created, it can be deployed with SCCM and use its powerful scheduler:
Regarding the storage part, when WSUS is added to SCCM, it no longer stores the binary files on its own store. Binaries are on SCCM content store. However WSUS still needs a database to store update catalog.
WSUS and SCCM are installed on the same machine. But it is the same process when WSUS is installed on another server. After integration of WSUS in SCCM hierarchy, I will deploy updates by two different methods:
Once SUP is configured correctly, the catalog of updates appears in SCCM console. A filter can be created regarding some criteria (classification, updates id, products etc.). Then updates can be added to a package and can be deployed. The deployment scheduling is configured manually. Then managed servers install updates in their maintenance period. This method is very useful on complex environment such as Exchange or Hyper-V cluster where patching should be orchestrated (move Virtual Machines or databases before patching etc.). The package can be used with System Center Orchestrator to be deployed and orchestrate patching.
Moreover the Cluster-Aware Updating is not compatible with software update from SCCM. An Orchestrator runbook should be created for this task. This is why it is possible to create a package manually and then deploy this last.
Automatic Deployment rules feature provides automatic creation and deployment of updates packages. The package creation can be scheduled (such as every second Tuesday of each month) and the choice of updates is made in function of some criteria (classification, updates id, products etc.). Once the package is created, it is automatically deployed in function of scheduling configuration. Then managed servers install updates in their maintenance period. This method should be used on mockup or simple environment.
WSUS is the windows update services. We will update the security patches or other patches to windows systems. SCCM is the centralised management system. SCCM application is using to Microsoft product upgrade & patching. Able to collect all the Desktop drivers appling. Any windows related application we will put through SCCM.
Microsoft SCCM has a great infrastructure to manage desktops and their applications. But, one of the limitations of SCCM is its inability to patch non Microsoft applications. This is a source of inconvenience for IT administrators as they have to work with multiple patch management tools like in order to update all business applications in the network, making this task highly time consuming.
To answer the question I would say both, because WSUS handles windows update only where SCCM SUP handles the same in different way and has many other features.
SCCM for remote support , patch management , Deployment of OS and Client Softwares.WSUS for patching and sccm is for total automation with in windows network.
WSUS for patching and sccm is for total automation with in windows network.
for Patch management - WSUS is fine.
SCCM for remote support , patch management , Deployment of OS and Client Softwares.
Use SCCM if available in your environment it gives you more flexiability than WSUS when applying updates to clients:
You can use both method for windows update but you will get more option to deploy hotfixs through SCCM
SCCM 2012 SUP is the better option.Anyway for getting updates from microsoft the WSUS role has to be enabled with update 4 patch in the SCCM 2012 server.
WSUS Update Server.Manage own Target Group and Approval