Forum Discussion

nikeshmistry's avatar
nikeshmistry
Copper Contributor
May 05, 2020

SCCM CMG Windows Updates

Hi,   We have recently setup CMG in our environment for VPN devices only, but slightly confused as to how the content for Windows Updates would work as well as content for applications.  Currently ...
Dune Desormeaux's avatar
Dune Desormeaux
Former Employee
May 06, 2020

nikeshmistry Great question thank you. Depending on how you have your boundary fallback setup your devices could be set up to get content from on-prem DPs. 

 

A cleaner option might be to set the "Prefer cloud based sources over on-premise sources" option on your VPN boundary which will rearrange your order of content acquisition preference so that the CMG would be first. In this way you could associate both the on-prem DP and CMG with your VPN boundary and the app content which isn't available on the CMG would be acquired from the DP.

 

Check out Rob's other blog on boundaries for more information: https://techcommunity.microsoft.com/t5/configuration-manager-blog/managing-remote-machines-with-cloud-management-gateway-in/ba-p/1233895

 

Finally, make sure you have considered letting clients get Windows Update content directly from the Windows Update service rather than publishing that content to your CMG. It could be more performant and would definitely be cheaper.