MagnumVP Posted December 4, 2012 Report post Posted December 4, 2012 I'm aware that a Distribution Point can not be used as a software update location (Too bad - stuck with WSUS for now), but can it be used to stage Forefront definition updates for systems in that site? I want to utilize Forefront for security but don't want the systems in remote sites to pull down the definition updates over the WAN. Quote Share this post Link to post Share on other sites More sharing options...
MagnumVP Posted December 13, 2012 Report post Posted December 13, 2012 Does anyone know the answer? Quote Share this post Link to post Share on other sites More sharing options...
GarthMJ Posted December 14, 2012 Report post Posted December 14, 2012 I'm aware that a Distribution Point can not be used as a software update location (Too bad - stuck with WSUS for now), but can it be used to stage Forefront definition updates for systems in that site? I’m not sure what you mean by the above. Yes you can use a DP to download SU’s (or Forefront defs) themselves (not the detection details, just the SU themselves) Quote Share this post Link to post Share on other sites More sharing options...
MagnumVP Posted December 14, 2012 Report post Posted December 14, 2012 Sorry I wasn't more clear. It was my understanding that clients in the remote locations don't look to the DP for it's Software Updates but communicate directly with the Primary to verify update Approval/Denied. Quote Share this post Link to post Share on other sites More sharing options...
GarthMJ Posted December 14, 2012 Report post Posted December 14, 2012 They talk to your MP, which is very little traffic and default client will do this once an hour anyways. If you are talking about the SUP, then it too is fairly small traffic after the initial download of the wsus catalog. Quote Share this post Link to post Share on other sites More sharing options...
MagnumVP Posted December 14, 2012 Report post Posted December 14, 2012 So if I have 50 workstations in a remote site with a DP and I approve 15 updates company wide (with a cumulative size of 100MB) will the updates get pushed to the DP and the workstations pull from there? Or will all 50 workstations independently pull 100MB each (totaling 5GB) across the WAN connection? Quote Share this post Link to post Share on other sites More sharing options...
GarthMJ Posted December 14, 2012 Report post Posted December 14, 2012 Assuming that you have protect the DP, the 50 clients will pull the SU from the protected DP. Aka you will use 100mb over the WAN. Quote Share this post Link to post Share on other sites More sharing options...
MagnumVP Posted December 14, 2012 Report post Posted December 14, 2012 "Protect" the DP? Quote Share this post Link to post Share on other sites More sharing options...
GarthMJ Posted December 14, 2012 Report post Posted December 14, 2012 Yes, protect the DP. You should do that for all remote DP, otherwise, clients will randomly pick a DP form anywhere on the network. HQ clients might pick a regional DP and visa versa. http://technet.microsoft.com/en-ca/library/bb892788.aspx 1 Quote Share this post Link to post Share on other sites More sharing options...
MagnumVP Posted December 14, 2012 Report post Posted December 14, 2012 Even though this article is for 2007, does it apply to 2012? Quote Share this post Link to post Share on other sites More sharing options...
