Monitor Windows Updates and Windows Defender Antivirus with Update Compliance
With Windows 10, organizations need to change the way they approach monitoring and deploying updates. Update Compliance is a powerful set of tools that enable organizations to monitor and track all important aspects of the new servicing strategy from Microsoft: Windows as a Service.
Update Compliance is a solution built within Operations Management Suite (OMS), a cloud-based monitoring and automation service which has a flexible servicing subscription based off data usage/retention. For more information about OMS, see Operations Management Suite overview.
Update Compliance uses the Windows diagnostic data that is part of all Windows 10 devices. It collects system data including update installation progress, Windows Update for Business (WUfB) configuration data, Windows Defender Antivirus data, and other update-specific information, and then sends this data privately to a secure cloud to be stored for analysis and usage within the solution.
Update Compliance provides the following:
- Dedicated drill-downs for devices that might need attention
- An inventory of devices, including the version of Windows they are running and their update status
- The ability to track protection and threat status for Windows Defender Antivirus-enabled devices
- An overview of WUfB deferral configurations (Windows 10 Anniversary Update  and later)
- Powerful built-in log analytics to create useful custom queries
- Cloud-connected access utilizing Windows 10 diagnostic data means no need for new complex, customized infrastructure
See the following topics in this guide for detailed information about configuring and using the Update Compliance solution:
- Get started with Update Compliance: How to add Update Compliance to your environment.
- Using Update Compliance: How to begin using Update Compliance.
Click the following link to see a video demonstrating Update Compliance features.
Update Compliance architecture
The Update Compliance architecture and data flow is summarized by the following five-step process:
(1) User computers send diagnostic data to a secure Microsoft data center using the Microsoft Data Management Service.
(2) Diagnostic data is analyzed by the Update Compliance Data Service.
(3) Diagnostic data is pushed from the Update Compliance Data Service to your OMS workspace.
(4) Diagnostic data is available in the Update Compliance solution.
(5) You are able to monitor and troubleshoot Windows updates and Windows Defender AV in your environment.
These steps are illustrated in following diagram:
This process assumes that Windows diagnostic data is enabled and data sharing is enabled as described in Enrolling devices in Windows Analytics.