Forum Discussion
Define Patch Approvals in WSUS but pull patches from Windows Update (Internet)
We currently use WSUS to distribute Microsoft patches and also use Solarwinds Patch Manager to push 3rd party patches into WSUS. This allows us to fully patch an endpoint with all MS and 3rd party so...
It will be incompatible, you may use WUfB (updates from Microsoft CDN). And run a script with scheduled tasks that sets temporary HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU!UseWuServer to your WSUS instance and run Windows Update Powershell cmdlet and filter-in 3rd party updates only.
Also try to deploy updates for one day each group of computers/OU.
A better option is to patch these with Intune or autoupdate apps if vendor provides such functionality. Cloud MGMT GW would be desired.
You have to weight out costs between a higher WAN/VPN, Intune, or CloudMGMT GW. I would say that if your environment is not large, upgrading WAN/VPN would be wise.