Pairing Delivery Optimization with Microsoft Connected Cache can minimize internet bandwidth usage as your cloud-managed devices come back to the office.
With the surge of people working from home, IT admins are increasingly using cloud management for their devices, pulling updates directly from the Microsoft cloud. In doing so, however, they also face concerns around minimizing internet bandwidth usage and supporting a hybrid model to manage devices from on-premises to cloud management. Fortunately, Delivery Optimization is here to help you alleviate these concerns. Today’s post focuses on helping you understand how.
Delivery Optimization: a distributed solution
Before jumping into the specifics of Delivery Optimization and Microsoft Connected Cache, here’s a refresher on the Delivery Optimization technology.
Delivery Optimization is used in most Microsoft cloud-managed content downloads today. It’s a built-in Windows component that leverages a cloud service designed to reduce the download bandwidth impact for Microsoft content or your content.
Delivery Optimization is mostly known for being a peer-to-peer (P2P) distributed cache technology, but it is also used as a downloader to pull most Microsoft content from the cloud, providing you with tools to control bandwidth traffic and throttling capabilities, to name a few.
Microsoft Connected Cache complements Delivery Optimization by serving as a dedicated cache on your organization’s network. This is a server-based solution that transparently and dynamically caches content that your devices need to download. The Microsoft Connected Cache efficiently caches content locally from what Delivery Optimization pulls down from the cloud.
Delivery Optimization is integrated with most Microsoft platforms and continually adds support for new content. Some of the most recent examples include Windows Dynamic Updates, MSIX apps, and the new Edge browser. Down the road, Delivery Optimization will be used for downloads when using an MDM tool like Microsoft Intune to push a new policy.
Delivery Optimization umbrella: P2P and Microsoft Connected Cache
Delivery Optimization is a sophisticated downloader. Building on top of it, we can find a hybrid P2P communication capability. In P2P, content must be published, generating metadata about that content.
When content is requested by Delivery Optimization, this metadata helps guarantee that content has not been tampered with, determines which content is available within the peer network, and ensures the content is reliably downloaded.
By default, Delivery Optimization is enabled out-of-the-box with P2P enabled for seeking peers in the same local network. This means the Delivery Optimization service identifies peers behind the same Network Address Translation (NAT), that is, peers that break out to the internet using the same public IP address, and returns the private IP addresses of those peers to connect to. To extend P2P beyond the same NAT, Delivery Optimization can be enabled with group download mode.
Delivery Optimization is integrated with boundary groups in Configuration Manager, where it can select peers from a specific boundary group. By default, Delivery Optimization will use the information it gathers about the LAN to create a strong P2P network. For example, when a co-managed endpoint downloads the app provisioned by Intune, Delivery Optimization can use boundary group information to find a peer within that device group.
Check out the Delivery Optimization: Scenarios and configuration options blog post for more information on the options you have for different scenarios to help manage bandwidth with Delivery Optimization.
There are cases where P2P technologies aren’t a viable option, for example, environments with network limitations like an all VPN Wi-Fi network, or environments where there aren’t enough devices in the network or group to warrant P2P (fewer than 10 devices).
Enter Microsoft Connected Cache, a solution that can work as a complement to P2P. Microsoft Connected Cache dynamically caches content based on the client requesting the content the device needs.
The Microsoft Connected Cache solution is easily configured within Configuration Manager. It doesn’t require massive amounts of hardware because it caches content at the requested byte-range level rather than the entire file, reducing the space requirement on your distribution points. For example, if a device downloads an update and only 5 MB are needed out of a 1 GB file, Microsoft Connected Cache would only cache the 5 MB. Otherwise, Configuration Manager would push content to be cached to a distribution point and require the device to download the 1 GB file.
You can use Microsoft Connected Cache with Configuration Manager or Intune by setting the DOCacheHost or Cache Server Hostname policy to a comma-separated list of fully qualified domain names (FQDNs) or IPs of the distribution point. The policy can be set as a Configuration Manager group policy or an MDM policy in Intune. Visit the Delivery Optimization reference for a complete list of policies.
Microsoft Connected Cache is pre-provisioned to cache Microsoft content. During the download, the Microsoft Connected Cache policy will tell the Delivery Optimization client to use Microsoft Connected Cache for content. If there’s an issue accessing Microsoft Connected Cache, the Content Delivery Network (CDN) will be used as the fallback to retrieve content.
Still wondering about how powerful the Delivery Optimization umbrella of offerings is? When adding P2P to downloads from the cloud, we see up to 70% of bandwidth savings. By adding Microsoft Connected Cache to P2P, we almost close the gap with up to 98% caching efficiency for delivering content to a device.
Microsoft Connected Cache use cases
Use case 1
Your devices may be managed via Configuration Manager or co-managed. You have boundary groups defined to reflect your network topology.
- Install Microsoft Connected Cache on your distribution point with just a few clicks to set the drive you want to use or the amount of storage you will need.
- Configure Delivery Optimization to pull content from Microsoft Connected Cache on your distribution point in line with your boundary group definitions.
You can do so by following this path: Default Settings > Delivery Optimization > Device Settings > Enable devices managed by Configuration Manager to use Microsoft Connected Cache servers for content download > Yes.
Use case 2
Your devices may be managed via Configuration Manager or co-managed. You have not defined any boundary groups in Configuration Manager.
- Same as use case 1, install Microsoft Connected Cache on your distribution point.
- Configure Delivery Optimization by setting up a Group Policy that points to Microsoft Connected Cache via the server FQDN or IP.
Use case 3
Some of your devices are managed via Intune. Boundary groups are not applicable.
- Same as use case 1, install Microsoft Connected Cache on your distribution point.
- Set an MDM policy to point Delivery Optimization to Microsoft Connected Cache by using FQDNs or an IP address.
With Microsoft Connected Cache installed on your Configuration Manager distribution points, you can extend your existing on-prem infrastructure to support your cloud-managed devices that would otherwise pull content from the cloud. You do not need to manage the devices via Configuration Manager to take advantage of Microsoft Connected Cache in Configuration Manager!
Visit Microsoft Connected Cache in Configuration Manager for more information on setting up Microsoft Connected Cache in Configuration Manager.
Microsoft Connected Cache: client configuration in Windows 10, version 2004
In the Windows 10 version 2004 release, we added a few more configuration options to help you leverage Microsoft Connected Cache on your Intune-managed devices.
The Cache Server Hostname Source allows you to specify how your devices can discover Microsoft Connected Cache servers dynamically using a DHCP server. You can set the desired FQDN or IP Address using DHCP Scope 235.
We’ve also introduced policies to delay the fallback from Microsoft Connected Cache to the HTTP Source, which can be set separately for foreground and background activities. By default, if a Microsoft Connected Cache server returns a failure, the download will switch back to the HTTP source or the CDN. With these policies set, you can ensure that Microsoft Connected Cache will be used even in a network where the connectivity between the client device and Microsoft Connected Cache is flaky.
Another update is the activity monitor inside the Delivery Optimization settings so you can quickly see if a Microsoft Connected Cache server is being used and how much data is coming from that server.
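A scripted counterpart to the activity monitor, as an added example that is not part of the original article: it summarizes how much of each download came from the cache server and flags downloads that fell back to the HTTP source even though a cache host was set. The property names are those returned by the built-in Get-DeliveryOptimizationStatus cmdlet; the sample records and the host name mcc01.contoso.example are constructed so the block runs offline.

```powershell
# Added example, not from the original article.
function Get-DoCacheSummary {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$Status
    )
    process {
        $total = [double]$Status.TotalBytesDownloaded
        $cache = [double]$Status.BytesFromCacheServer
        [pscustomobject]@{
            FileId       = $Status.FileId
            CacheHost    = $Status.CacheHost
            CachePercent = if ($total -gt 0) { [math]::Round(100 * $cache / $total, 1) } else { 0 }
            PeerBytes    = $Status.BytesFromPeers
            HttpBytes    = $Status.BytesFromHttp
            # A cache host was configured, yet nothing came from it and bytes
            # were pulled over HTTP: the download fell back to the CDN.
            FellBack     = ([bool]$Status.CacheHost) -and ($cache -eq 0) -and ($Status.BytesFromHttp -gt 0)
        }
    }
}

# Constructed sample records shaped like Get-DeliveryOptimizationStatus output.
$sample = @(
    [pscustomobject]@{ FileId = 'constructed-1'; CacheHost = 'mcc01.contoso.example'
        TotalBytesDownloaded = 5MB; BytesFromCacheServer = 5MB; BytesFromPeers = 0; BytesFromHttp = 0 }
    [pscustomobject]@{ FileId = 'constructed-2'; CacheHost = 'mcc01.contoso.example'
        TotalBytesDownloaded = 5MB; BytesFromCacheServer = 0; BytesFromPeers = 0; BytesFromHttp = 5MB }
    [pscustomobject]@{ FileId = 'constructed-3'; CacheHost = ''
        TotalBytesDownloaded = 2MB; BytesFromCacheServer = 0; BytesFromPeers = 1MB; BytesFromHttp = 1MB }
)

$sample | Get-DoCacheSummary | Format-Table -AutoSize

# On a managed device, feed it live data instead:
#   Get-DeliveryOptimizationStatus | Get-DoCacheSummary | Where-Object FellBack
```

Only the second constructed record is flagged: it names a cache host but received every byte over HTTP.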
Delivery Optimization and VPN
With people around the world working from home, we’ve received many questions on the topic of VPN and how Delivery Optimization handles a VPN connection. It’s important to remember that VPNs try to hide themselves, and even though Delivery Optimization tries to detect a VPN, it may not always be able to do so.
Once Delivery Optimization detects a VPN connection, it will suspend all P2P activity. However, if you notice unexpected traffic over port 7680, you can apply a policy to all devices connecting over VPN to disable P2P by setting the Download Mode policy to 0.
For devices that connect over VPN, you can configure split tunneling and FQDN-based safelists to enable devices to connect freely to your network and avoid the burden to your VPN infrastructure by sending all cloud traffic directly. This also allows P2P to be used in the home environment.
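One way to script the port 7680 check described above, as an added example that is not part of the original article: it picks out established connections on TCP 7680 whose local address belongs to the VPN adapter and reports whether the Download Mode policy is already 0. The addresses and connection records are constructed, the function names are hypothetical, and the registry path is the standard Group Policy location for Delivery Optimization settings (an MDM-delivered policy is stored elsewhere, so a missing value here does not prove the policy is unset).

```powershell
# Added example, not from the original article.
function Find-DoPeerOverVpn {
    param(
        [Parameter(Mandatory)][object[]]$Connection,   # rows shaped like Get-NetTCPConnection output
        [Parameter(Mandatory)][string[]]$VpnAddress    # local IP address(es) of the VPN adapter
    )
    $Connection | Where-Object {
        ($_.LocalPort -eq 7680 -or $_.RemotePort -eq 7680) -and
        ($VpnAddress -contains $_.LocalAddress)
    }
}

function Get-DoDownloadModePolicy {
    # Returns the Group Policy value of Download Mode, or $null when it is not set.
    $key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization'
    $p = Get-ItemProperty -Path $key -Name DODownloadMode -ErrorAction SilentlyContinue
    if ($p) { [int]$p.DODownloadMode } else { $null }
}

# Constructed sample data. On a live device use:
#   $vpnAddress  = (Get-NetIPAddress -InterfaceAlias '<VPN adapter name>').IPAddress
#   $connections = Get-NetTCPConnection -State Established
$vpnAddress  = @('10.8.0.14')
$connections = @(
    [pscustomobject]@{ LocalAddress = '10.8.0.14';    LocalPort = 7680;  RemoteAddress = '10.8.0.77';    RemotePort = 50122 }
    [pscustomobject]@{ LocalAddress = '192.168.1.20'; LocalPort = 51544; RemoteAddress = '192.168.1.31'; RemotePort = 7680 }
    [pscustomobject]@{ LocalAddress = '10.8.0.14';    LocalPort = 50311; RemoteAddress = '10.8.0.5';     RemotePort = 443 }
)

$hits = @(Find-DoPeerOverVpn -Connection $connections -VpnAddress $vpnAddress)
$mode = Get-DoDownloadModePolicy

if ($hits.Count -gt 0 -and $mode -ne 0) {
    Write-Warning "P2P traffic on TCP 7680 is crossing the VPN and Download Mode is not 0."
}
$hits | Format-Table LocalAddress, LocalPort, RemoteAddress, RemotePort -AutoSize
```

With the constructed data only the first record is reported: the second is home-LAN peering, which split tunneling is meant to allow, and the third is not on port 7680.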
Microsoft Connected Cache: what’s coming next
We are working on a version of Microsoft Connected Cache that doesn’t require a Configuration Manager distribution point. In addition, we are working towards bringing you a containerized solution that will be managed via the Azure portal to offer greater flexibility in installation requirements. Stay tuned for more details on this one in a future blog post.
In the meantime, visit the Introducing Microsoft Connected Cache: Microsoft’s cloud-managed cache solution blog post to learn more about the capabilities of Microsoft Connected Cache and let us know that you are interested in participating in our preview program.
Leave a comment below to let us know what you think about using Delivery Optimization with Configuration Manager to make your cloud content downloads easier!