After many delays, Microsoft has finally begun consolidating its patch-management infrastructure technology and rolling out the end-user products that take advantage of the technology. The first product was Windows Update 5.0, which shipped alongside Windows XP Service Pack 2 (SP2) in third quarter 2004. But the most eagerly awaited Microsoft patch-management product, Windows Update Services (WUS)—the successor to Microsoft Software Update Services (SUS)—is also nearing completion. Now available as a free Web-based beta download, WUS offers companies of all sizes a more impressive array of capabilities than was possible with SUS. Here's what you need to know about the WUS public beta.

Not Just About Windows
Despite its name, WUS deploys patches for more products than just Windows-based software. WUS is based on the new Microsoft Update infrastructure, which provides patches for all currently supported Microsoft products. The initial release of WUS will support all supported versions of Windows, Microsoft Office 2003 and Office XP, Microsoft Exchange Server 2003, SQL Server 2000, and Microsoft Data Engine (MSDE). WUS also supports all IA64 (Itanium) and x64 (AMD64 and Extended Memory 64 Technology—EM64T) Microsoft products. And because support for new products becomes available via Microsoft Update, WUS will automatically support new products.

It's Not All or Nothing
Unlike SUS's flat updating system, WUS offers fine-grained control, whether or not you're using Active Directory (AD). Administrators in AD-based environments will find that WUS integrates with the organizational units (OUs) and other Group Policy-based groups they've established, letting them distribute patches via different methods to different kinds of machines.

Smaller businesses that use non-AD or workgroup-based environments can use a graphical tool provided in the WUS management console to create logical groups of machines (e.g., domain controllers—DCs, Dell laptops) called computer groups. These businesses can then set up patch-deployment options according to these groups. I'm heartened that Microsoft is supporting non-AD environments because so many small businesses fall into this category. Furthermore, WUS supports patch rollbacks, simplifying disaster recovery in the event that a patch causes problems with machines in your environment.

Reports Keep You Up-to-Date
Although customers liked SUS, many asked for some sort of reporting and assessment functionality, which Microsoft has provided in WUS. WUS presents several basic reports out-of-the box, including update status (which updates have been approved and installed), synchronization results (the most recent synchronization events), and a settings summary (a summary of the WUS server configuration settings). You can also filter each report in various ways to create custom reports.

Recommendations
WUS is a revolutionary software product that Microsoft has made even more appealing by giving it away free of charge. WUS runs on Windows 2003 and Windows 2000 Server and requires only basic hardware: Microsoft says that a 1GHz Pentium III-based system with 512MB of RAM can support more than 15,000 clients, making WUS a perfect choice for a repurposed older machine. Unless you already run an enterprise-class patch-management product such as SUS, you should consider using the WUS beta. And the product is simple enough to use that even the smallest businesses, with no true IT staff, can install and manage it. Evaluate WUS now by downloading the beta from http://www.microsoft.com/wus.