160 likes | 442 Views
Understanding and Implementing WSUS 3.0. Edwin Sarmiento Microsoft MVP Senior Systems Engineer/DBA Fujitsu Asia Pte Ltd Email: edwin_sarmiento@hotmail.com Blog: http://bassplayerdoc.blogspot.com. Session Agenda. Overview Deployment Topologies Installation
E N D
Understanding and Implementing WSUS 3.0 Edwin Sarmiento Microsoft MVP Senior Systems Engineer/DBA Fujitsu Asia Pte Ltd Email: edwin_sarmiento@hotmail.com Blog: http://bassplayerdoc.blogspot.com
Session Agenda • Overview • Deployment Topologies • Installation • Configuration • Administration • Resources
Overview • Fact #1: There is no such thing as a perfect system • Fact #2: There is no such thing as a secure system • Fact #3: There is no such thing as a disconnected system • Solution: PMP • Patch Management Program
Overview Patch Management a process to create a consistently configured environment that is secure against known vulnerabilities in operating system and application software. Patch Management = big headache What is Windows Server Update Services ? a centralized updates and hotfixes deployment service for Microsoft servers and workstations COST = FREE
Deployment Topologies Single Server WSUS Server Microsoft Update
Deployment Topologies Synchronized Servers (chained) WSUS Server Microsoft Update WSUS Server
Deployment Topologies WSUS Server Disconnected Microsoft Update WSUS Server
Installation • Windows Server 2003 with SP1 • IIS 6.0 or later • .NET Framework 2.0 • BITS 2.0 or later • Microsoft Report Viewer 2005 Redistributable • MMC 3.0 for the administration console • SQL Server 2005 with SP1 (Optional)
The 10 Immutable Laws of Security If an attacker can persuade you to run his program on your computer, it is not your computer anymore 1 If an attacker can alter the operating system on your computer, it is not your computer anymore 2 If an attacker has unrestricted physical access to your computer, it is not your computer anymore 3 If you allow an attacker to upload programs to your Web site, it is not your Web site any more 4 Weak passwords prevail over strong security 5
The 10 Immutable Laws of Security A computer is only as secure as the administrator is trustworthy 6 Encrypted data is only as secure as the decryption key 7 Out-of-date antivirus software is only marginally better than no antivirus software at all 8 Absolute anonymity is not practical in real life nor on the Web 9 Technology is not a panacea 10
Resources • WSUS TechCenter • http://technet.microsoft.com/en-us/wsus/default.aspx • WSUS Product Team Blog • http://blogs.technet.com/wsus/default.aspx • WSUS.info • Windows Server Update Services Wiki • http://www.wsuswiki.com/
Questions edwin_sarmiento@hotmail.com http://bassplayerdoc.blogspot.com