What is the diference between GPOs, WSUS, SCCM and SCE in software and patch deployment?

group-policy wsus sccm patch-management system-center-essentials
18,451

Solution 1

With GPOs you can only do basic software distribution tasks (i.e. automatically install some software), and you don't have much control on this process.

With WSUS you can do all of your patch management, but it's not a full-featured desktop management solution.

SCCM is exactly this: you can manage almost everything on your network using it.

System Center Essentials is a reduced bundle of SCCM and SCOM, tailored to small- and medium-sized companies.

You can find a product comparison between SCCM, SCOM and SCE here.

Solution 2

WSUS is the Microsoft's basic offering for enterprise OS and Microsoft application patching. It is capable of connecting to Microsoft's update catalogue, has a small amount of configuration around scheduling rollouts by groups etc, and limited reporting details on patch deployment.

SCCM (System Centre Config Manager) is the replacement for SMS, it has SCUP (System Centre Updates Publisher) as one of it's components. This builds on top of the WSUS infrastructure and components and gives you massively more configuration and reporting, as well as having the ability to connect to other vendors' update catalogues (Adobe, Dell, HP, etc) and also deploy your own custom patches for any apps. In addition to patching, SCCM also retains all the software packaging, and deployment, OS deployment, etc of SMS.

GPOs (Group Policies) can be used for software deployment, but doesn't have any special patch-specific functions, and has very limited info/reporting on deployments

SCE (System Centre Essentials) is a cut-down SCCM for smaller businesses that shares much of the functionality of it's big brother.

Share:
18,451

Related videos on Youtube

Eddy
Author by

Eddy

Updated on September 17, 2022

Comments

  • Eddy
    Eddy over 1 year

    If any one can explain to me the difference between sccm, wsus, gpo, sce "system center essential", in sw and patch deployment.

    Thanks

  • Eddy
    Eddy over 14 years
    thanks, can you tell me what is the limitation of GPO ?
  • Eddy
    Eddy over 14 years
    what do you mean "special patch-specific functions" ?
  • GAThrawn
    GAThrawn over 14 years
    For patch installation, you can either do a 'dumb' this is an installer, send it to the PC and run it; or a proper patch package scans the machine, checks exact version ranges of installed software and only sends out what's needed, reports back on machines that install/reject/don't need it and history, and use the Windows Update Agent infrastructure on the PCs to do this.
  • Massimo
    Massimo over 14 years
    You can only deploy .MSI packages, you have no control on when the installation will happen, you can't handle dependencies, you can't check if an application is already installed, GPOs must be linked to specific Active Directory OUs, there is no centralized reporting... and probably many else.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

SCCM SUP cannot connect with WSUS Server - WSUS Server version 3.0 SP2 or above is not installed
Is it possible to deploy Internet Explorer 11 (IE11) via WSUS 3.0 SP2?
Stop Feature upgrades and properly manage them via WSUS
Change group policy using windows CMD
Windows Update Group Policy removed but still can't run updates
Remove machines from WSUS
Configuring location based GPO for WSUS updates but only for some clients
SCCM using an existing WSUS server
Windows Updates not working via SCCM 2012 R2
WsusContent folder how to clear down