60 votesDave Hope commented
We have about 1,600 devices. 900 of those are off-network, connected via site-site VPNs. Each location has maybe 1-3 users, so not worth having a distribution replica in these small sites. We have split the patching configuration into multiple schedules so as to reduce the number of clients in each batch, and therefore the bandwidth each patch schedule consumes.
We would like to manage the bandwidth consumed by patching; the options we see as viable are:
• Allowing clients to download updates direct from Microsoft or Lumension directly;
• Allow us to host a HTTP server, hosting a deployment replica from which clients could download files over the internet rather than over our VPN links;
• Worst case, some way to limit simultaneous patch downloads such as run X machines at a time, or options to randomise connection times;Dave Hope supported this idea ·