Windows Update for Business (wub wub wub wub) Who employed Claptrap?
-
Propaganda link: http://blogs.windows.com/bloggingwindows/2015/05/04/announcing-windows-update-for-business/
Introducing Windows Update for Business
With Windows 10, we’re excited to provide you a new option – Windows Update for Business. We have been working with IT professionals all over the world to design new capabilities in Windows Update, designed for end-user devices within businesses. Windows Update for Business will provide:Distribution rings, where the IT Pro can specify which devices go first in an update wave, and which ones will come later (to ensure any quality kinks are worked out).
Maintenance windows, where the IT Pro can specify the critical timeframes when updates should and should not occur.
Peer to peer delivery, which IT can enable to make delivery of updates to branch offices and remote sites with limited bandwidth very efficient.
Integration with your existing tools like System Center and the Enterprise Mobility Suite – so that these tools can continue to be that ‘single pane of glass’ for all of your systems management.
Windows Update for Business will reduce management costs, provide controls over update deployment, offer quicker access to security updates, and provide access to the latest innovation from Microsoft on an ongoing basis. Windows Update for Business is FREE for Windows Pro and Windows Enterprise devices. It’s part of our intelligent cloud – we will update and maintain Windows devices for you, while still giving you control.If you are interested in shaping Windows Update for Business with us, please join the Windows 10 Insider Program today. As you roll out Windows 10, we recommend you segment your Windows devices and consider the best updating approach for each class of device, and then start a pilot of Windows Update for Business with your end-user devices. Together, as partners in the innovation of IT, we will make this a great solution for your business end-user computing needs.
-
Sounds like an awesome update. This is something that Windows has really been needing.
-
That's amazing.
-
It's already in the preview.
It can do peer to peer locally and over the internet. By default it does local and with anyone on the internet.
My guess is this will be the first feature attacked. Even with local p2p only. If they can spread malware and viruses with it it could be very effective.
-
It's just local WSUS, basically. So the attack surface is probably very similar.
-
Except WSUS is centrally controlled. This is every computer acting as one. Meaning if any computer gets infected it could have a chance to infect others. This is also going to allow p2p application level updates (thought its not working yet.). It's a bit torrent technology they bought from Pando.
-
@thecreativeone91 said:
Except WSUS is centrally controlled. This is every computer acting as one. Meaning if any computer gets infected it could have a chance to infect others. This is also going to allow p2p application level updates (thought its not working yet.). It's a bit torrent technology they bought from Pando.
That's true. But WSUS had the same risk. Yes, there was only one copy of it, but it was the same basic risk. If you could hack WSUS it would infect everything. Yes this is more copies of WSUS, but the concept remains the same. Risk higher? Yes. Risk high? Only if WSUS was a high risk.
And I assume you can control the peer to peer nature as well. So that not all peers can push updates.
-
And I think that they made a point of central control existing here too.
-
@thecreativeone91 said:
Except WSUS is centrally controlled. This is every computer acting as one. Meaning if any computer gets infected it could have a chance to infect others. This is also going to allow p2p application level updates (thought its not working yet.). It's a bit torrent technology they bought from Pando.
Just because distribution is P2P, that does not mean that there is no central control mechanism.. One does not infer the other.
-
@scottalanmiller said:
And I assume you can control the peer to peer nature as well. So that not all peers can push updates.
As of now, no. You can only choose when they get updates.
-
I have to assume that even if the updates themselves are coming from a peer, that they are checksummed against something in the Windows Update for Business system, not just taking the word of the peer.
Assuming this all stays cloud based we should be even more protected than WSUS was.
-
So is WSUS gone? and replaced with a cloud service? How do you register?
FYI I haven't clicked on the link yet.
-
No cloud service. It's a bit torrent service. With groups to roll updates in phases.
-
@thecreativeone91 said:
@scottalanmiller said:
And I assume you can control the peer to peer nature as well. So that not all peers can push updates.
As of now, no. You can only choose when they get updates.
I expect that to change very quickly.