question

RonnieJudge-5854 avatar image
0 Votes"
RonnieJudge-5854 asked RitaHu-MSFT edited

Windows update to DMZ in Azure

Hi all.

I know there are a load of info about updating DMZ server but not seen anything about updating DMZ servers in Azure which does also give me a few more options.

Yes my security team will also not allow hole be punched through our FW so I need to find a few more option as I can't use my SCCM server to patch them.

From what I have found so far these are my options and what to know if anyone has use any of these and what are the pit falls and are there future proof in any of these yes I know nothing is future proof but as much as possible.

Options are: In no particular order
Use Windows Update manual config on each server.
Windows Update for Business.
Azure Update Management.
WSUS Role on one server and other server to point to the WSUS Server.

Not sure if I have missed any other options I can explorer?

Any feedback will be greatly apricated.

mem-cm-updates
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

Jason-MSFT avatar image
1 Vote"
Jason-MSFT answered

WUfB doesn't do servers.

Have you considered placing a site system in the DMZ and then only allowing traffic between it and the necessary internal resources?

Another option is to use a CMG. This would mean issuing certs to these systems, but it would work.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.