ISDB to block server updates

Forum|Forum|5 years ago
August 10, 2020
1 reply
5041 views

Hey Everyone,

Our projects team are having issues stopping server 2016/2019 from updating automatically during the day and they have turned to networking.

I've tried creating a deny policy with the destination as Microsoft-Microsoft.Update and it's showing log violations but Updates are still able to download with Microsoft Updates. (server 2019)

Anyone had any luck trying to do something like this? Unfortunatley, a manual address list with Microsoft is too broad as we can't block Office 365 and other similar services.

Thanks

6.0

James_G

New Member

This is a server management issue and not a networking issue, none of our 2016/2019 servers update randomly during the day even tho they have access to the WSUS server 24/7

MattyG2787Author

New Member

WSUS gives you access to control the update times. Installing a WSUS for 150 different AD's would be extremely costly to clients.

I simply asked if anyone knew of a way to block this via Firewall to stop automatic updates

rohitchoudhary1978

Visitor III

Hi, It can be stopped from application control. You can make 2 policies which will be clone but with 2 different schedule(Night and day) and allow or deny updates as desired but through application control. This is what we do

Thanks

Rohit k

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded