If security is a key factor in your environment, then taking the necessary steps to secure your WSUS environment only makes sense.
■ If you are using restrictive firewall settings, make sure that the appropriate ports and sites are accessible from the WSUS server.
■ If you are planning to use WSUS services through a firewall, make sure the appropriate ports are open on the firewall (ports 80, 443, and 750) so that clients can communicate with the WSUS server.
■ One of the keys to using SSL is to make sure that you only secure the recommended sites. If you secure all sites, WSUS will fail.
■ If the price of a commercial SSL certificate is out of your budget, consider setting up an internal CA with Windows 2003.
■ Make sure to adjust GPO or the local security options on all WSUS clients to https:// so that they can communicate with the WSUS server.
Was this article helpful?