Documente Academic
Documente Profesional
Documente Cultură
Agenda
Problem background
Solution modes
Deployment
Demo
Deep Dives
Content Identification
Integration architecture
Security
End to end flow
Partners
Resources
Problem Background
Thin, expensive WAN links between
main office and branch offices
Customers Say
We are improving the efficiency of our branch offices and saving
bandwidth by using BranchCache in Windows Server 2008 R2 and
Windows 7, said Lukas Kucera, IT services manager of Lukoil CEEB,
one of the largest integrated oil and gas companies in the world.
Some of our smaller facilities, such as the office in Slovakia and
the storage terminal in Belgium, have just five to 10 users, so its
not efficient to deploy a file server on-site, but it consumes
bandwidth to have them continually accessing files from the main
Taking
advantage of
feature in Windows Server
servers.
BranchCache
isthe
theBranchCache
perfect solution.
2008 R2, we can spend $20,000 rather than $50,000 per year on
bandwidth by postponing our expansion schedule.
David Feng, IT Director, Sporton International
Convergent Computing (CCO) wanted to improve remote network
access for its mobile users. Using the DirectAccess and
BranchCache features in Windows Server 2008 R2 and
Windows 7, CCO has simplified remote connection to its network
and sped the downloading of important files. It has cut costs by
eliminating its virtual private network and has seen a 43 percent
savings in wide area network (WAN) bandwidth.
Solution Tenets
Optimiz
ed
Distributed
retrieve from
other clients in
the branch
Centralized
retrieve from a
hosted cache
in the branch
Secured
Client can only
retrieve content
locally if
authorized by
the
content server
All data
transfers in the
branch
are encrypted
End to
End
Maintains
protocol
integrity
Benefits from
protocol
optimizations
Optimizes SSL,
IPsec, SMB
signing, HTTP,
SMB
Distributed Cache
Ma
in
Offi
ce
Get
ID
Data
Ge
t
Ge
t
Data
ch
n
a
Br ffice
O
Hosted Cache
Ma
in
Offi
ce
ID
Data
Data
Ge
t
ID
Ge
t
Data
ID
ID
Request
ID
Data
Branch
Hosted Cache
Centralized cache of data downloaded by the
branch
The Hosted cache on Windows Server 2008 R2
provides the following features
A centralized cache for
Protocols: HTTP, SMB
E2E encrypted/signed traffic: SSL, IPsec, SMB signing etc
Distributed Cache
Recommended for
branches without any
infrastructure
Easy to deploy: Enabled on
clients through Group
Policy
Cache availability
decreases with laptops
that go offline
Hosted Cache
branches
Cache stored centrally: can
use existing server in the
branch
Cache availability is high
Enables branch-wide
caching
Overall Framework
rd Party Applications
3rd
Offic
Offic
e
e
Rob
Rob
oco
oco
py
py
Exp
Exp
lor
lor
er
er
App
App
V
V
Shar
Shar
ePoi
ePoi
nt
nt
SMB
Offic
Offic
e
e
HTTP
BranchCache
BIT
S
WM
WM
P
P
IE
IE
Deployment
Deployment
Distributed
HQ: Content Server (must run R2)
Branch: Client (must run Win 7 or R2)
Hosted
HQ: Content Server (must run R2)
Branch: Hosted Cache (must run R2)
Branch: Client (must run Win 7)
Deployment - Content
server
Deployment - Client
Identify the branch
Group Policy
netsh
Deploy to clients!
Identify Branch
Choose how to deploy
Deploy to clients!
Deployment - Summary
Group Policy to
enable clients
Branch
Office
Branch
Office
Install
BranchCache
feature on an R2
server
IIS
File Server
Main
Offic
e
Group Policy
Management
Hosted
Cache
h
Branc
Office
Optionally, install a
hosted cache in
your branch
Additional configuration
options
Enable / disable distributed cache mode
Enable / disable hosted cache mode
Set the cache size
Set the location of the hosted cache
Clear the cache
Create and replicate a shared key for use in
a server cluster
And more
Works in domains and workgroups
Monitoring
Event logs - Operational logs & Audit logs
Perfmon counters - Client, hosted cache and
Content Server
netsh for querying the infrastructure for |
potential problems
Cache size too small, firewall issues, certificate
problems etc
demo
BranchCache in Action
Devrim Iyigun
Senior Product Manager
Microsoft Corporation
Going Deeper
Content Identifiers
Hashes
Returned by
server
Blocks
Unit of download
Segments
Unit of discovery
Content
BBB
n12
S1
BBB
n12
S2
B
n
S3
HTTP Integration
IE
Open
URL
Dat
a
winine
Hashlis
t
Dat
a
Branch
IIS
Branch
Cache
Capable
Dat
a
Get
http.sydata
Hashlis
Dat
t
a
Hashli
Branchst
Cache
Cache
Data
Hashlis
t
H
1
H
2
H
3
H
4
H
5
SMB Integration
Branc
Branc
h
h
Cache
Cache
Hashlis
t
Applicatio
Applicatio
n
n
ReadFil
e
Data
CSC
CSC
Cache
Cache
SMB
SMB Hash
Hash
Generate or
Generation
Generation
update
HashGen
HashGen
Service
Service
hash
Utility
Utility
CSC
CSC
Service
Service
Prefetc
Data
h
File
Hashlist
Dat
a
CSC
CSC
Driver
Driver
Data
Request
Hashes
SMB
SMB Client
Client
Driver
Driver
Request
Hashes
Generate or
update
hash
Hashlist
Hashlist
SMB
SMB
Server
Server
Driver
Driver
Save
hashes
Access
hashes
Server
IIS
IE
Data in
clear
HTTP
Data in
clear
Branc
hCach
e
SSL
Branc
hCach
e
Data in
clear
HTTP
Data in
clear
SSL
Data
encrypted
Data
encrypted
Data
encrypted
Data
encrypted
Sockets
IPsec
Sockets
Data
encrypted
IPsec
Security
Client
Segment discovery
key
Encryption key
Hash(SK,
KeKeKe)
Hash(SK,
SH+HoHoDk)
Segment hash
(SH)
Server secret
key
Hash (Blockhashes)
Ks
Block hashes
Hash(block)
Blocks
BB
12
B
n
Server
Flow, Continued
Serving clients receive the broadcast
Decrypt the segment hash from the segment
discovery key
Respond with data availability
Hosted Cache
Cache contains content requested by all branch
clients
Use BitLocker or EFS to encrypt cache as
necessary
announcing
BranchCache Ecosystem
Partners
RSP
Virtualization Layer
WAN
F5 and BranchCache
F5 is a player in Application Delivery
Networking, with the mission of building
network devices that support your
applications, ensuring high availability,
scalability, performance and security.
BranchCache adds to BIG-IPs WAN
acceleration portfolio
See a demo of BranchCache on the BIG-IP
6900
visit booth 311
Branch
office /
remote
users
Corp HQ
data
center
Enterprise
Management
Running on
Windows Server
2008 R2
& TMG
Hosted
Cache
Bra
n
Offi ch
ce
Featuring
Featuring
Anti-Virus
Anti-Virus
URL
URL Filtering
Filtering
HTTPS
HTTPS Inspection
Inspection
Network
Network Intrusion
Intrusion
Inspection
Inspection
To Summarize
BranchCache reduces WAN bandwidth consumed by
end users for intranet based HTTP and SMB traffic and
improves end user experience
BranchCache accelerates delivery of encrypted and
signed content such as when using HTTPS, IPsec, SMB
signing and at the same time ensures authorization of
users by the server at the central office.
BranchCache doesnt require additional equipment in
the branch offices and can be easily managed using
existing systems management technology such as group
policy
BranchCache has a vibrant and growing ecosystem
giving customers the choice to pick a solution that works
best for their needs
Resources
Website/TechNet
http://www.branchcache.com
http://technet.microsoft.com/en-us/network/dd425028.asp
x
Email
branch@microsoft.com
Resources
www.microsoft.com/teched
www.microsoft.com/learning
http://microsoft.com/techne
t
http://microsoft.com/ms
dn
www.microsoft.com/learning
Resources
for IT Professionals
Related Content
Breakout Sessions
WSV 403: Enhancing the Branch office experience with Windows Server
2008 R2
Hands-on Labs
WSV14-HOL: Windows Server 2008 R2 - BranchCaching
Complete an
evaluation on
CommNet
and enter to
win!
2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S.
and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must
respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information
provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.