Difference Between an Upstream, Downstream and Disconnected Downstream Server

by Admin | Published on 2020.02.12 | Blog

A basic WSUS deployment is composed of a single server within a corporate firewall which connects directly to Microsoft Update. In this simple configuration, updates are downloaded directly to the server. If your configuration includes multiple servers, you’ll have a hierarchy that will include an upstream server and downstream or disconnected downstream servers.

Upstream Server
An upstream server is at the top of the hierarchy and downloads directly from Microsoft Update. The upstream server then passes on updates, approval statuses and computer groups down the line.

Downstream Server
A downstream server is a server that receives updates—not from Microsoft Update—but from a connected upstream server. There are two different downstream configurations:

Downstream Replica (Centralized Administration) – Replica servers inherit update approvals and are not administered separately from the upstream WSUS server.

Downstream Autonomous (Distributed Administration) – The upstream server shares product and classification lists, and updates synchronization but downstream autonomous servers are administered separately and do not receive update approval status or computer group information.

Disconnected Downstream Server
A WSUS upstream server can be connected to the Internet but isolated from the intranet. In this scenario, to update the downstream disconnected servers, the updates need to be exported and manually imported to the disconnected servers.

The number of WAM licenses you’ll need depends on your WSUS configuration. For a simple WSUS setup, you only need a Single or Upstream License. For multiple servers, you’ll also need a Downstream License for each downstream replica or autonomous server. In a disconnected network, you’ll need a Single or Upstream license for each online WSUS staging server and a Disconnected Downstream license for each disconnected WSUS server that you export to. Learn more about WAM licensing.

Purchase WAM and save time on WSUS maintenance.

WAM was developed by AJ Tek and is used by system administrators worldwide—from Australia to Antarctica. With over 50,000 unique downloads, it’s the preferred method of WSUS maintenance worldwide. Our vision is to make IT simple and automated.

Follow AJ Tek on Facebook and LinkedIn for
updates on new releases and products.

Latest Blogs

How Often Should I Run WSUS Maintenance?

Last updated 2023.07.25 | Published on 2019.10.09

According to Microsoft Support, you should be performing WSUS maintenance monthly.1 Unfortunately,...

How to Protect Your Company from IT Security Risks

Last updated 2023.07.25 | Published on 2019.09.25

With the prevalence of cyberattacks, it’s imperative that every company has a cybersecurity plan....

How to Clear Space on WSUS Server

Last updated 2023.07.25 | Published on 2019.09.11

If your WSUS server is consuming too much space — it can be a symptom of slowdowns, errors and...

Why We Don’t Offer a Free Trial of WAM

Last updated 2023.07.25 | Published on 2019.08.28

At AJ Tek, our vision is to make IT simple and automated for professionals. Our flagship product,...

Manage WSUS Updates in the Banking Sector

Last updated 2020.02.01 | Published on 2019.08.14

Banks have strict protocols when it comes to security and it can be hard for system administrators...

Best Way to Maintain WSUS in a Law Office

Last updated 2023.07.25 | Published on 2019.07.24

When working with sensitive and confidential information, it’s imperative WSUS is regularly...

WSUS Automated Maintenance for School Systems

Last updated 2023.07.25 | Published on 2019.07.10

WAM is the best solution for system administrators working in school systems where thousands of...

The Benefit of Being a Microsoft MVP

Last updated 2023.07.25 | Published on 2019.06.19

Adam Marshall, President of AJ Tek, has the proud distinction of being a Microsoft Most Valuable...

How to Prepare for On-Prem WSUS UUP Updates

Blog, Guides

Quality updates are coming on March 28 for on-premises Windows 11, version 22H2 devices. The updates are coming via the Unified Update Platform (UUP) which interoperates with WSUS and Microsoft Configuration Manager. UUP quality updates are cumulative, including all...

WSUS Automated Maintenance (WAM) Best Practices

Blog

When configuring WSUS, you can consult Microsoft’s best practices. This will guide you through what to tune in WSUS. Still, there are different approaches to building and maintaining a WSUS Server, and overall, the situation can be rather complicated. That’s why WAM...

Discover the Best Microsoft Patch Management Option

Blog

Microsoft patch management is an essential aspect of keeping your organization’s computer systems secure and up to date. However, many organizations fail to take this task seriously, leaving their systems vulnerable to security threats and other issues. To this day,...