I love SUS. It means: 1. only one internal host needs to contact Windows Update. ..ever 2. all the currently-approved patches are internally available regardless of the Internet connection state 3. I can control what patches are delivered to which OS's 4. by using GPO or registry settings, I can also prevent the user from disabling AU (because they're not local admins) The only thing you want to be aware of is storage; the more OS's and flavors you support, the more storage you need for patches. I personally don't combine ISA with my web services, but YMMV... Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "cismic" <cismic@xxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Thursday, September 18, 2003 13:24 Subject: [isalist] RE: OT: News about SUS http://www.ISAserver.org Hi Amy, Is it wise to have a separate box setup to contain the sus information? And would this fit for both In the DMZ and internal networks in a back to back setup? I would like to think that having a separate Machine to monitor for SUS would be a good idea that way you can sever publish it and make your update Machine even more secure. Thank you, Joseph -----Original Message----- From: Amy Babinchak [mailto:Amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] Sent: Thursday, September 18, 2003 1:23 PM To: [ISAserver.org Discussion List] Subject: [isalist] OT: News about SUS http://www.ISAserver.org Some good news from Microsoft. I just discovered this today in the welcome screen for my SUS (System Update Services). "Microsoft Software Update Services (SUS) now provides Windows service packs (SPs), in addition to critical and security updates. SUS will deliver Windows XP SP1, Windows 2000 SP4, and all future service packs for Windows 2000, Windows XP, and the Windows Server(tm) 2003 family of products." Amy ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: cismic@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^* All mail from this domain is virus-scanned with RAV. www.ravantivirus.com ^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*