Re: Microsoft SUS on Apache?

[John Tracy <tracy () kepler covenant edu>]

Hi Jason,
     I would seriously doubt that this would work well. When you use 
Software Update Services, it's not identical to using 
http://windowsupdate.microsoft.com. First, you don't open up 
http://localsusserver in a web browser and start your updates. The SUS 
server is a mirror of the patches available at Windowsupdate, but the 
way that end users actually get the patches installed is different.
     The best way to deliver the patches to the end users is to setup a 
Group Policy which tells domain member machines to get their Windows 
update from http://localsusserver. Then the clients automatically detect 
(and/or download and/or install) when new updates are available. The end 
user never sees the familiar website--it's handed by the Windows Update 
client, which is installed automatically with SP3 in Windows 2k, and I 
believe by default with Windows XP (SUS doesn't provide patches for OS's 
older than Windows 2000). The Windows Update client software is the only 
way that client machines can get updates from an SUS server that I'm 
aware of.
     If you're running a network of domain member machines that are 
primary Windows 2000 and above, with a Windows domain controller, this 
is wonderful software. It might be worth the cost of an additional 
server license if you consider the cost savings in manhours (of course 
if the software was written better to begin with, that would be an 
entirely different story).
     The primary audience for SUS seems to be corporate LANs that are 
fairly homogeneous anyway--and would likely have a Windows server that 
is already licensed sitting around, and hence the ability to throw an 
extra service on it.

Hope this helps... feel free to throw any questions/thoughts/flames my way.

John Tracy



> Does anyone have any experience trying to get SUS running on an open source
> web server?  
>
> I haven't looked at the license agreement for SUS but I would imagine there
> is language in there making this illegal or restricted.  Anyone read it over
> recently who can comment on this?
>
> Justifying the cost for SUS (free) is easy until you realize you have to pay
> for a Microsoft Server license to run it. 

---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------