This is where SADR's can greatly help out. Do you have any SADR's setup?
I am managing around 10k systems; we have 3 SADRs setup with agents going to them for product installs/updates based on subnet distance. This way when you do large scale deployments, tons of machines won't be hitting the same server.. you are doing the client task right with enabling randomization, but I've never done randomization at 24 hours.
yes - we have multiple SADRs (looks like about 20) but at the same time our network is spread across a very large geographic area with *many* sites and some of the connections are very thin indeed.
the way I'm currently doing it works... it's just kind of manual in that I have to run queries then apply and remove tags.
since there are no other suggestions I'm going to stick with this methodology for now.
the only addition is that I'm adding some server tasks that will run the queries and add/remove the tags for me.
since the query used to apply the upgrade tag has a max results limitation it should deploy slowly enough and I will just schedule the server tasks to run them 1x day.
Adding the server tasks was the only additional suggestion I was going to make. Without knowing your environment and setup it makes it a little difficult to assess. For example, do you have different groups in your System Tree? You could add the Assignment Path to the filter on the query and work through in sections. Anything common about the host/system names so that you could pattern a filter there (i.e., Starts with "SALES")? If your System Tree structure is relatively flat, you can create a sub-group in one or more sections so it inherits the policies from the parent group and then move the systems with old agents into it. Once the agent is installed, you could have a query based server task move them back. You could create a tag for different days of the week (e.g., Mon, Tue, etc.) and have multiple queries/server tasks so you could pre-stage multiple groups of systems so you don't have to tag systems every day.
May not have given you a specific solution but hopefully some ideas to help you create/improve your current process.