I'm about to begin a production deployment of shavlik protect for our server environment. Our environment consists of ±800 windows servers distributed across three data centres. The three DCs have excellent connections between them so bandwidth and latency are not an issue, for this reason my intention is not to use distribution servers.
I am however, curious about the use of multiple console servers. Currently I've got one console server deployed with 4 cores and 8GB of memory. My intention is to patch servers without agents. We have a resonabally short maintence window of 2 hours, once per week for most of our environments.
Will one server provide sufficent performance for an environment of this size, or should we look at a distributed console model?
It's possible the one console might be able to pull it off if you have good bandwidth and connection throughout your network. I would suggest running the scans ahead of time so that you can just perform the patch deployment process within the two hour windows. The part that will slow it down the most is copying all the patch files from the one console system out to all the systems you are patching during that timeframe. Usually that's where we suggest use of distribution servers with Protect to help save some time.