I assume that all of us are aware of windows updates. We buy the software/operating system from Microsoft and we get the security patches, updates and service packs for free to download. To download these software, we incur a cost for bandwidth. If you have 3 computers at home, each PC must manually download the updates from Microsoft, which can be quite demanding on your Internet link. Let us assume an enterprise with 1000s of machines. Automatic Update feature has no information and makes no judgments about service level agreements (SLAs), buggy updates, or anything else; it simply downloads and applies. .
if there are large number of machines and there is a need to keep the windows updates synchronized in all machines. it is not simple affair. Some would perform update on auto mode and some would perform on daily basis. That means the machine environments are going to be inconsistent. More is this example, enterprise applications work only on IE6 and I do not want my user desktops to be upgraded to later versions of IE. if they have windows updates, they can upgrade and this can cause productivity problems in operations. What happens if the windows updates has a bug and make the enterprise vulnerable. How can I evaluate an update on some test machine and and test the updates prior to deploying in all the machines of my enterprise.
To solve this challenge, there comes Windows Server Update Services, otherwise known as WSUS. It Enterprises make use of WSUS integrated under SCM(System Centre Configuration Manager). In addition there is a simple programmable interface WSUS SDK. This programmable interface helps application to get the meta data about the various updates without getting the actual updates.