Deploy a Windows Agent through Microsoft’s Windows Server Update Services (WSUS)

When you deploy the Software Vulnerability Research Windows Agent through Microsoft’s WSUS, the Windows Agent is installed on machines that report into WSUS, is scheduled to run as a service, and reports results back daily.

To deploy a Windows Agent through WSUS:

1. If not already done, install and configure the Software Distribution Daemon for Windows. See Daemon Deployment and Install the Daemon.
2. To view the Daemon’s status page, go to Settings > Assessment > Update Servers & Daemon. After you click a Daemon, select one of the following options: More Info, Schedule Refresh, View Servers & Groups, Deploy Daemon, Delete Daemon, and Disable Daemon.

Select the More Info option to see Daemon information like the screen capture below. The Last Connected time stamp confirms whether the Daemon has reported recently, which is usually an indicator for good health. To sign packages externally, click Sign Packages manually. By default, it is set to Automatic.

 

Select View Servers & Groups to display the Software Vulnerability Research instance your Daemon has been integrated with.
3. To publish an Agent Deployment package to WSUS and to select the server and corresponding computer groups it maintains, select Deploy Agent.

In theory and practice, you can have multiple Daemons set up in multiple networks connected to multiple deployment servers. You can also select your package to be published to multiple deployment servers simultaneously in a centralized fashion.