I have seen a number of similar questions, but all of them are either out of date, or presume an offline network, or offline servers.
We have a large number of remote locations, most of which do not have their own IT shops. Each of those locations has at least two and possibly many workstations that are not connected to any kind of network whatsoever. Those workstations are running Windows 10 Enterprise. None of those things is negotiable.
Two to four times a year, we prepare an update for our application. The remote locations retrieve that update via our secure web portal, load it on to a flash drive, and apply that update on each workstation. I would like to use that as an opportunity to also install any security or critical updates for Windows since the last update.
So far my best option I've seen is WSUS Offline, but it does not make it easy to do incremental updates and without that eventually the download size will become unreasonable. I have not used WSUS or SCCM, but it looks like they do not have the option to create an offline installer. The target workstations are very locked down, so in my ideal world I would like the resulting executable(s) to be signed by either Microsoft or us.
Are there any other options I should be looking at? We have no problems paying for an enterprise solution if available. Right now I'm seriously considering taking the source from WSUS Offline and modifying it to fit my needs, but I would rather not tie up my development resources.
No comments:
Post a Comment