de-centralized definition distribution
An idea recently has been floated in the forums which would make a good feature enhancement.
Many admins like the idea of GUPs but are turned off by the management overhead of possibly hundreds or more individual GUP policies (or managing WINS/DNS records to resolve locally for hundreds of sites)
How about a de-centralized def distribution mechanism? The protocols and caveats for this type of network are well known by now. Just look at p2p networks or MS PNRP. Allow clients to authenticate each other as being managed by the same SEP server and as long as they are, allow them to grab updates from 'close' peers.
Additionaly there would likely need to be policy that dictates minimum specs for a peer to 'share' updates with others. These could be based on CPU/RAM/OS or further restricted by local subnet only or same DNS suffix only.
This would allow admins to reduce WAN bandwidth while simplifying management overhead.