The latest from Microsoft is they will support feature releases with security updates for a minimum of 18 months. The original win10 update (1507) will hit 18 months in Jan if my math is right, so we'll see if they cut off security updates at 18 months pretty soon.
As far as I know, the only way to utilize the Symantec product to install feature updates is via software delivery (or reimage).
Is this what symantec customers are planning to do for Win10 support? What about the down time for clients (particularly laptop clients that go home)? Any suggestions for using CMS to notifiy users? Suggestions on how to scope and schedule the policy? Self service for the clients to initiate - and if so, how to keep the computers powered on long enough to complete?
Shavlik protect is giving customers a way to see if their win10 clients need the updates (i.e. building filters for them), I don't see this anywhere in CMS but I haven't been trolling the forums either.
We use SWD for Java to install at logout, and that doesn't always work perfectly. I can't imagine trying to do OS updates going well, nor our high profile users just staring at their screen for the hour+ install time.
This prior thread @Telefragger posted a timeline that it takes about an hour to cache and then another hour to install. It would be faster, and possibly more reliable, for us to reimage users, but obviously that's a whole other bunch of work to undertake every 12-18 months.
Nice graph with update dates here (I assume they're right, I didn't check) https://blog.juriba.com/windows-10-branching-timeline
I have been complaining to our Microsoft rep via email, but it isn't getting anywhere. I've talked to other Sysadmins who are running LTSB to avoid this mess, and a Microsoft employee event tweeted at me "If you want to hold steady for years, LTSB actually makes sense" - which our Microsoft rep told is is 100% inaccurate and any device connected to the internet should not be running LTSB.
I have a meeting at Microsoft tomorrow for a Dell demo. I'm not sure if I'll have the opportunity to complain there, but I intend to try. In the meantime, I'd love to hear what other Symantec administrators are planning to do with the release of Kaby Lake (no more win7 bootable machines) around the corner.