centrally administer and approve os security patches

Anyway to achieve a similar capability of a windows wsus server with opensuse?

ie. manage and audit security updates accross linux desktops in a local domain for small to medium sized networks, etc etc.

I dont have experience here however I’m trying to start thinking on how this is done.