We know that when using CMG, we redirect the Software Updates to download from Microsoft Windows Updates from the internet, instead of using cloud DP to download the content to save cost.
On that note, our SCCM clients onprem (within our corporate network) scans and downloads updates from onprem SUP. All good here.
But users have the ability to scan the updates on their own and download it from Microsoft Windows Updates from internet. To stop this we want to deploy the GPO "Turn Off access to all Windows Update features". We know this will stop the users from downloading it from internet.
What we are not sure is whether, it will also stop CMG from downloading from Microsoft Windows Updates.