[ENGLISH] Speed Up Patching: Express Installation Files @ WSUS


Actually, the idea is quite simple. The implementation exists since WSUS 3.0, though the application is not well known (anyhow I rarely see it in production at my clients).

WSUS capacities and updates management are well known to us, and it allows two particular things:

1. To be sure that all our machines have the same level of updates while centralizing approvals and rejections.

2. It limits the use of the bandwidth WAN (internet link) downloading only once each update from the Internet.

Simply put: I aprove a 100Mb update in my WSUS console, that downloads from Windows Update (100Mb of Internet use), and deploys it on the client’s machines (N x 100Mb of LAN use). In the reference link here after, there is the perfect illustration of it:



Effective and simple, after all using the LAN bandwidth is hardly ever a problem…

But what if it becomes a problem, or what if we’d wish to optimize (read minimize) the use of the LAN bandwidth?

You just have to check one WSUS management console checkbox to divide by 5, even 10 the use of the bandwidth… Interesting, huh? Let’s proceed…

In fact, the use of ‘Express installation files’ is an option that allows the download of an update that doesn’t come in a package (a KB for all systems and all settings), it allows you to retrieve all the individual files that are in the update, the KB, with the precise description of each ‘how-to use’ downloaded file.

As a matter of fact, when I launch an 100Mb update via WSUS or directly from Windows Update, the machine works locally with the 100Mb then, extracts it on a temporary file and finally analyse the files and their description in order to pick up the correct one… installing only 10Mb instead of the whole downloaded 100Mb. This has two major negative consequences: the consumption of the LAN bandwidth and the use of free space on the machine’s disk (or the server) …

The express installation files make it possible to get away from those two problems, extending the life of the hard disks, but also giving you a better quality service of your LAN network by only using it at its minimal. It quickens the massive waves of updates in your network.

So, why Microsoft doesn’t activate this feature by default?… it’s only a matter of WSUS savings[rtdj2] : downloading unzipped files rather than KB compressed files, has two major drawbacks: first, the volume of your WAN (Internet) consumption is going to increase in a major way, but this increase also applies to your local storage space, on your WSUS server. If a KB destination is (7/8/8.1/10/2008/2008R2/2012 & 2012R2) in 32 and in 64 Bits would weight 100Mb compressed, then it wouldn’t be surprising that the same files, unzipped and with their detailed manifesto would weight 3 times more (300Mb), and here, we are only considering 1 KB.

Then, when deploying this same KB on W10 machines, only the usefull 30 Mb are send on the machines, which lowers considerably the LAN traffic: 70 Mb by machine!

You can see in the next illustration how it works:


The problem is simple, taking this very example of the KB on 1000 machines: you save (1000*70 Mb) 70 Gb of LAN traffic in exchange of a WAN use, and an extra 200Mb of WSUS local storage… For me it’s simple, I systematically check the checkbox! Storage is not a problem anymore, especially with WSUS that doesn’t have performance issues, and knowing that WSUS synchronization is always set outside the working hours, I don’t have to worry about the Internet high-speed…

I Always mention it during my training sessions as a well-kept secret, but frankly, I don’t know of any client that wouldn’t be happy to take advantage of it…

You can find the checkbox here:


Don’t forget to plan your WSUS cleaning operations regularly, if your WSUS took a lot of space before checking that box, beware that the amount of space is seriously going out of proportions! So, pay more attention to your WSUS storage…

For further details, refer to this article:


May your updates be as good as your day,

See you,


Text translated by:


A propos Red Kaffe

IT Trainer and Consultant on Microsoft Technologies. Windows Server and Client, Service Center 2012, WSUS/MDT/ADK/WAIK, SBS 2008/2011, Office 365, etc. Fully dedicated to support and train my customers...
Cet article, publié dans Deployment, ENGLISH, Formation, Security, WSUS, est tagué , . Ajoutez ce permalien à vos favoris.

Votre commentaire

Entrez vos coordonnées ci-dessous ou cliquez sur une icône pour vous connecter:

Logo WordPress.com

Vous commentez à l’aide de votre compte WordPress.com. Déconnexion /  Changer )

Photo Facebook

Vous commentez à l’aide de votre compte Facebook. Déconnexion /  Changer )

Connexion à %s