Pairing Delivery Optimization with Microsoft Connected Cache can minimize internet bandwidth usage as your cloud-managed devices come back to the office.
With the surge of people working from home, IT admins are increasingly using cloud management for their devices, pulling updates directly from the Microsoft cloud. In doing so, however, they also face concerns around minimizing internet bandwidth usage and supporting a hybrid model to manage devices from on-premises to cloud management. Fortunately, Delivery Optimization is here to help you alleviate these concerns. Today’s post focuses on helping you understand how.
Before jumping into the specifics of Delivery Optimization and Microsoft Connected Cache, here’s a refresher on the Delivery Optimization technology.
Delivery Optimization is used in most Microsoft cloud-managed content downloads today. It’s a built-in Windows component that leverages a cloud service designed to reduce the download bandwidth impact for Microsoft content or your content.
Delivery Optimization is mostly known for being a peer-to-peer (P2P) distributed cache technology, but it is also used as a downloader to pull most Microsoft content from the cloud, providing you with tools to control bandwidth traffic and throttling capabilities, to name a few.
Microsoft Connected Cache complements Delivery Optimization by serving as a dedicated cache on your organization’s network. This is a server-based solution that transparently and dynamically caches content that your devices need to download. The Microsoft Connected Cache efficiently caches content locally from what Delivery Optimization pulls down from the cloud.
Delivery Optimization is integrated with most Microsoft platforms and continually adds support for new content. Some of the most recent examples include Windows Dynamic Updates, MSIX apps, and the new Edge browser. Down the road, Delivery Optimization will be used for downloads when using an MDM tool like Microsoft Intune to push a new policy.
Delivery Optimization is a sophisticated downloader. Built on top of it is a hybrid P2P communication capability. In P2P, content must be published, generating metadata about that content.
When content is requested by Delivery Optimization, this metadata helps guarantee that content has not been tampered with, determines which content is available within the peer network, and ensures the content is reliably downloaded.
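The sketch below is an added example, not code from the post or from Delivery Optimization itself. It shows the general technique the paragraph describes: metadata published with the content lets a client verify every piece, whichever source delivered it. The piece size, the use of SHA-256, the metadata layout and the source names are assumptions made for illustration.

```python
import hashlib

PIECE_SIZE = 4  # assumption: tiny pieces so the constructed sample stays readable

def publish(content: bytes) -> dict:
    """Publisher side: produce metadata (length plus one SHA-256 per piece)."""
    pieces = [content[i:i + PIECE_SIZE] for i in range(0, len(content), PIECE_SIZE)]
    return {"length": len(content),
            "piece_hashes": [hashlib.sha256(p).hexdigest() for p in pieces]}

def fetch_verified(metadata: dict, sources: list) -> tuple:
    """Client side: assemble content piece by piece, trying sources in order.

    sources is a list of (name, get_piece) pairs; get_piece(index) returns
    bytes, or None when that source does not hold the piece.
    Returns (content, provenance), where provenance[i] names the source whose
    copy of piece i matched the published hash.
    """
    out, provenance = [], []
    for index, expected in enumerate(metadata["piece_hashes"]):
        for name, get_piece in sources:
            piece = get_piece(index)
            if piece is not None and hashlib.sha256(piece).hexdigest() == expected:
                out.append(piece)
                provenance.append(name)
                break  # a verified copy was found; move to the next piece
        else:
            raise ValueError(f"piece {index}: no source returned valid data")
    content = b"".join(out)
    if len(content) != metadata["length"]:
        raise ValueError("assembled length does not match metadata")
    return content, provenance

def slicer(data: bytes):
    """Build a constructed source that serves pieces out of an in-memory blob."""
    return lambda i: data[i * PIECE_SIZE:(i + 1) * PIECE_SIZE] or None

# Constructed sample: the peer holds a modified piece 2 and lacks piece 3.
ORIGINAL = b"update-payload!!"
METADATA = publish(ORIGINAL)
PEER = slicer(ORIGINAL[:8] + b"XXXX")
CDN = slicer(ORIGINAL)

if __name__ == "__main__":
    print(fetch_verified(METADATA, [("peer", PEER), ("cdn", CDN)]))
```

Because each piece is checked against metadata obtained separately from the piece itself, a modified copy held by a peer is rejected and that piece is taken from the next source.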
By default, Delivery Optimization is enabled out-of-the-box with P2P enabled for seeking peers in the same local network. This means the Delivery Optimization service identifies peers behind the same Network Address Translation (NAT), that is, peers that break out to the internet using the same public IP address, and returns the private IP addresses of those peers to connect to. To extend P2P beyond the same NAT, Delivery Optimization can be enabled with group download mode.
Delivery Optimization is integrated with boundary groups within Configuration Manager, where it can select peers from a specific boundary group. By default, Delivery Optimization will use the information it gathers about the LAN to create a strong P2P network. For example, when a co-managed endpoint downloads the app provisioned by Intune, Delivery Optimization can use boundary group information to find a peer within that device group.
Check out the Delivery Optimization: Scenarios and configuration options blog post for more information on the options you have for different scenarios to help manage bandwidth with Delivery Optimization.
There are cases where P2P technologies aren’t a viable option, for example, environments with network limitations like an all VPN Wi-Fi network, or environments where there aren’t enough devices in the network or group to warrant P2P (fewer than 10 devices).
Enter Microsoft Connected Cache, a solution that can work as a complement to P2P. Microsoft Connected Cache dynamically caches content based on the client requesting the content the device needs.
The Microsoft Connected Cache solution is easily configured within Configuration Manager. It doesn’t require massive amounts of hardware because it caches content at the requested byte-range level rather than the entire file, reducing the space requirement on your distribution points. For example, if a device downloads an update and only 5 MB are needed out of a 1 GB file, Microsoft Connected Cache would only cache the 5 MB. Otherwise, Configuration Manager would push content to be cached to a distribution point and require the device to download the 1 GB file.
You can use Microsoft Connected Cache with Configuration Manager or Intune by setting the DOCacheHost or the Cache Server Hostname policy to a comma-separated list of fully qualified domain names (FQDNs) or IPs of the distribution points. The policy can be set as a Configuration Manager group policy or an MDM policy in Intune. Visit the Delivery Optimization reference for a complete list of policies.
Microsoft Connected Cache is pre-provisioned to cache Microsoft content. During the download, the Microsoft Connected Cache policy will tell the Delivery Optimization client to use Microsoft Connected Cache for content. If there’s an issue accessing Microsoft Connected Cache, the Content Delivery Network (CDN) will be used as the fallback to retrieve content.
Still wondering about how powerful the Delivery Optimization umbrella of offerings is? When adding P2P to downloads from the cloud, we see up to 70% of bandwidth savings. By adding Microsoft Connected Cache to P2P, we almost close the gap with up to 98% caching efficiency for delivering content to a device.
Your devices may be managed via Configuration Manager or co-managed. You have boundary groups defined to reflect your network topology.
Your devices may be managed via Configuration Manager or co-managed. You have not defined any boundary groups in Configuration Manager.
Some of your devices are managed via Intune. Boundary groups are not applicable.
With Microsoft Connected Cache installed on your Configuration Manager distribution points, you can extend your existing on-prem infrastructure to support your cloud-managed devices that would otherwise pull content from the cloud. You do not need to manage the devices via Configuration Manager to take advantage of Microsoft Connected Cache in Configuration Manager!
Visit Microsoft Connected Cache in Configuration Manager for more information on setting up Microsoft Connected Cache in Configuration Manager.
In the Windows 10 version 2004 release, we added a few more configuration options to help you leverage Microsoft Connected Cache on your Intune-managed devices.
The Cache Server Hostname Source allows you to specify how your devices can discover Microsoft Connected Cache servers dynamically using a DHCP server. You can set the desired FQDN or IP Address using DHCP Scope 235.
We’ve also introduced policies to delay the fallback from Microsoft Connected Cache to the HTTP Source, which can be set separately for foreground and background activities. By default, if a Microsoft Connected Cache server returns a failure, the download will switch back to the HTTP source or the CDN. With these policies set, you can ensure that Microsoft Connected Cache will be used even in a network where the connectivity between the client device and Microsoft Connected Cache is flaky.
Another update is the activity monitor inside the Delivery Optimization settings so you can quickly see if a Microsoft Connected Cache server is being used and how much data is coming from that server.
With people around the world working from home, we’ve received many questions on the topic of VPN and how Delivery Optimization handles a VPN connection. It’s important to remember that VPNs try to hide themselves, and even though Delivery Optimization tries to detect a VPN, it may not always be able to do so.
Once Delivery Optimization detects a VPN connection, it will suspend all P2P activity. However, if you notice unexpected traffic over port 7680, you can apply a policy to all devices connecting over VPN to disable P2P by setting the Download Mode policy to 0.
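One way to notice the unexpected port 7680 traffic mentioned above is to scan flow records from the VPN concentrator. This is an added example, not code from the post; the CSV flow format, the VPN address pool and every record in the sample are constructed.

```python
import csv
import io
import ipaddress
from collections import defaultdict

DO_P2P_PORT = 7680                               # port named in the post (TCP)
VPN_POOL = ipaddress.ip_network("10.99.0.0/16")  # assumption: constructed VPN client pool

# Constructed flow records: time,src,sport,dst,dport,proto,bytes
SAMPLE_FLOWS = """\
2020-06-01T09:00:01,10.99.4.12,51234,10.99.7.30,7680,tcp,48211200
2020-06-01T09:00:05,10.99.4.12,51300,10.20.1.5,443,tcp,10240
2020-06-01T09:00:09,10.20.3.8,49822,10.20.3.9,7680,tcp,7340032
2020-06-01T09:01:13,10.20.3.8,49901,10.99.4.12,7680,tcp,1048576
2020-06-01T09:01:20,10.99.7.30,7680,10.99.4.12,51234,udp,512
this line is malformed
"""

def find_p2p_over_vpn(flow_text, vpn_pool=VPN_POOL):
    """Return ({vpn_client_ip: bytes}, skipped_lines) for TCP flows to
    port 7680 in which at least one endpoint sits in the VPN pool."""
    totals = defaultdict(int)
    skipped = 0
    for row in csv.reader(io.StringIO(flow_text)):
        try:
            _, src, _, dst, dport, proto, nbytes = row
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
            dport, nbytes = int(dport), int(nbytes)
        except ValueError:
            skipped += 1   # wrong field count or unparsable value
            continue
        if proto.lower() != "tcp" or dport != DO_P2P_PORT:
            continue
        # Office-LAN peering (neither endpoint on VPN) is expected and ignored.
        for ip in {src_ip, dst_ip}:
            if ip in vpn_pool:
                totals[str(ip)] += nbytes
    return dict(totals), skipped

if __name__ == "__main__":
    hits, skipped = find_p2p_over_vpn(SAMPLE_FLOWS)
    for client, nbytes in sorted(hits.items(), key=lambda kv: -kv[1]):
        print(f"{client}: {nbytes} bytes of port {DO_P2P_PORT} traffic over VPN")
    print(f"{skipped} unparsable line(s) skipped")
```

Clients that show up in the result are candidates for the Download Mode 0 policy described above.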
For devices that connect over VPN, you can configure split tunneling and FQDN-based safelists to enable devices to connect freely to your network and avoid the burden to your VPN infrastructure by sending all cloud traffic directly. This also allows P2P to be used in the home environment.
We are working on a version of Microsoft Connected Cache that doesn’t require a Configuration Manager distribution point. In addition, we are working towards bringing you a containerized solution that will be managed via the Azure portal to offer greater flexibility in installation requirements. Stay tuned for more details on this one in a future blog post.
In the meantime, visit the Introducing Microsoft Connected Cache: Microsoft's cloud-managed cache solution blog post to learn more about the capabilities of Microsoft Connected Cache and let us know that you are interested in participating in our preview program.
Leave a comment below to let us know what you think about using Delivery Optimization with Configuration Manager to make your cloud content downloads easier!