Software Management via DMZ Host

Hello,
I am in managing software in a hardened security environment where hosts do not have internet access. The computers are OpenSuse hosts of varying configurations and releases, starting from OpenSuse 12.3. Being new to OpenSuse and such rough environment I would appreciate your help.
How should I go about managing software in this situation?
Originally I planned on exporting RPM/zypper database there and taking it to a DMZ host. In the DMZ host I would then run RPM/zypper against this exported database and fetch the required RPMs. In the end I would take the RPMs back to the managed host where they would be applied.
Does someone have experience on similar situation? Are there ready tools for this or should I script this with rpm/zypper?

Hi and welcome to the openSUSE forums :slight_smile:
You could look at rsync;
https://en.opensuse.org/openSUSE:Mirror_infrastructure#Rsync_servers

Or even ftp the repositories your after locally then run createrepo on each one to build the repo metadata.

This could all be done on a usb device (or even a usb flashdisk, depending on space) which could then be connected to a designated system (running http?) for say further copying via rsync to update, then all the systems could look to that one for updates etc…

In the DMZ do you have any SLE systems? If so you could use smt.

Thank you.
Encouraged by your comment and thinking more about it I decided to create local repositories the thing. That’s fairly straightforward.

Note you must do for all versions you mention since each has their own repo. Also you seem to have some systems that no longer in support so I guess there will be no more updates for them but the repos can still be found but you have to dig