A Server Automatic Deployment Rule (ADR) downloads all server updates released in the last month and deploys them to the pre-production desktop collection.
I schedule the ADRs to run on the 3rd Sunday of every month.
Server restarts will be controlled by the maintenance windows.
This structure will always be driven by customer requirements.
Microsoft sometimes release very critical updates out of band (ie not on patch Tuesday).
The desktop SUGs are then deployed to the desktop collections (pre-production and production) and ditto for the servers (see below for deadlines and maintenance windows).
These deployments remain in place indefinitely (even after the updates have been installed).
I create an Out-of-Band SUG which is deployed to each pre-production and production collection.
The deployment deadline is in the past so that the updates are installed almost immediately.
When I deploy SUGs to desktop collections I normally schedule the deadline to be 3 or 4 days in the future (and show all notifications).
I find that the default notification and restart settings are more than suitable. It could be that you split your server estate into multiple collections so that you can define different maintenance windows.
Client from SMS_R_System inner join SMS_CM_RES_COLL_SMS00001 on SMS_CM_RES_COLL_SMS00001.
Last Enforcement Message ID = 9select SMS_R_SYSTEM.
There is no absolutely correct way to implement a software updates strategy in your organization.