Home Articles FAQ Error Codes Downloads Links

What hardware do I need to support a large WSUS environment?
In general, MS recommendations for a 10,000+ WSUS deployment is a dual P4 system with a back end database server sized appropriately.
 
Formulas for disk space are determined by two things:
 
    (1) Content store -- dependent on
            languages selected,
            platforms selected,
            whether you enable express updates (recommended for large client installations)
            and actual content downloaded pursuant to approval for installation of updates.
 
    (2) Database size -- dependent on
            the size of the metadata downloaded, based on languages and platforms selected,
            and the number of clients reporting to the server.
 
CPU/RAM is a matter of theoretical discussion. MS recommends a dual P4 system with 1GB RAM
 
What does an ASP.NET server talking to a back end database server need to support 5,000 clients? With a 22 hour detection cycle and 5,000 clients, the server needs to handle a load of 227 clients per hour (on average), which is less than four clients per minute, with each client executing at least one SELECT and one UPDATE for each daily access via calls to three web services (reportingwebservice.asmx, simpleauth.asmx, and client.asmx) and some sort of query to the selfupdate to determine if a newer WUA is required. (I have not yet researched the internals of how this is accomplished.)
 
What does it take to support a half dozen hits per minute on a webservices server?
What does it take to support 8-10 SQL commands per minute on a SQL Server 2000 system?
 
Double the values if you want to put all 10,000 clients on the same server.

And allow for appropriate overhead for the once-per-month update cycle.

 
NOTE: The server will never be your bottleneck. If you're sizing your organization to support 10,000 WSUS clients, what you need to be looking at is infrastructure, specifically your WAN bandwidth. What are the size of your pipes? What is the average amount of WAN bandwidth available on a per-client basis? If you factor in BITS throttling, how long will it take to transfer the average monthly update bundle to a WAN connected client. Can you transfer that content without backing up the queue on the WSUS server(s)?
 
Simply put... a single WSUS server can easily handle 10,000 clients on a LAN infrastructure, where every client has 100Mbit/sec of bandwidth, and monthly update bundles are measured in timeframes of seconds, or(rarely), minutes. But what happens if 90% of those clients only have 56k of bandwidth before BITS throttling to transfer updates? As the WSUS server queues up more and more file server requests, the bandwidth on the WSUS server will begin to choke itself. Even if you remove all throttling from BITS, place it in foreground mode, put it on a dedicated interface card, with a VLAN direct to the WAN connections --- How many simultaneous 56k file transfers can the system handle on the corporate port connection to the WAN and how long will it take to get the updates to the clients.
 
Truly, I suggest that the question is not sizing the server, but properly identifying and evaluating the impact to the network infrastructure, and placing WSUS servers based on the WAN bandwidth to service the number of clients that can be functionally serviced by the available bandwidth.