1 Tech·Ed North America 2009 4/6/2017 11:34 AM
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 BranchCache: Helping You Save on WAN Bandwidth Consumption at Branch Offices
Ravi Rao, Senior Program Manager, Microsoft Corporation
WSV303

3 Agenda
- Problem background
- Solution modes
- Deployment
- Demo
- Deep Dives
- Content Identification
- Integration architecture
- Security
- End to end flow
- Partners
- Resources

4 Problem Background
- Thin, expensive WAN links between main office and branch offices
- High link utilization
- Poor application responsiveness
- Trend towards data centralization

5 Customers Say…

“We are improving the efficiency of our branch offices and saving bandwidth by using BranchCache in Windows Server 2008 R2 and Windows 7,” said Lukas Kucera, IT services manager of Lukoil CEEB, one of the largest integrated oil and gas companies in the world. “Some of our smaller facilities, such as the office in Slovakia and the storage terminal in Belgium, have just five to 10 users, so it’s not efficient to deploy a file server on-site, but it consumes bandwidth to have them continually accessing files from the main servers. BranchCache is the perfect solution.”

“Taking advantage of the BranchCache feature in Windows Server 2008 R2, we can spend $20,000 rather than $50,000 per year on bandwidth by postponing our expansion schedule.” David Feng, IT Director, Sporton International

Convergent Computing (CCO) wanted to improve remote network access for its mobile users. Using the DirectAccess and BranchCache™ features in Windows Server® 2008 R2 and Windows 7, CCO has simplified remote connection to its network and sped the downloading of important files. It has cut costs by eliminating its virtual private network and has seen a 43 percent savings in wide area network (WAN) bandwidth.

6 Solution Tenets
Optimized
- Distributed – retrieve from other clients in the branch
- Centralized – retrieve from a “hosted cache” in the branch
Secured
- Client can only retrieve content locally if authorized by the content server
- All data transfers in the branch are encrypted
End to End
- Maintains protocol integrity
- Benefits from protocol optimizations
- Optimizes SSL, IPsec, SMB signing, HTTP, SMB

7 Distributed Cache
[Diagram: Main Office and Branch Office, with arrows labelled Get, ID and Data]

8 Hosted Cache
[Diagram: Main Office and Branch Office, with arrows labelled Get, ID, Data, Search, Offer, Request and Put]

9 Hosted Cache
Centralized cache of data downloaded by the branch
The hosted cache on Windows Server 2008 R2 provides the following features:
- A centralized cache for
  - Protocols: HTTP, SMB
  - E2E encrypted/signed traffic: SSL, IPsec, SMB signing etc
- Does not “modify” protocols; benefits from protocol optimizations
- Configurable size/location/persisted across reboots/flush-able
- Works across multiple subnets
- Admins can seed content by writing custom scripts
- Can be a virtual workload in an appliance
- Easy to deploy; clients are configured via policy

10 Hosted Cache vs. Distributed
Enterprise
Hosted Cache
- Data cached at hosted cache server
- Recommended for larger branches
- Cache stored centrally: can use existing server in the branch
- Cache availability is high
- Enables branch-wide caching
Distributed Cache
- Data cached amongst clients
- Recommended for branches without any infrastructure
- Easy to deploy: Enabled on clients through Group Policy
- Cache availability decreases with laptops that go offline

11 Overall Framework
[Diagram labels: 3rd Party Applications; Office, Robocopy, Explorer, AppV, SharePoint, BITS, WMP, IE; SMB, HTTP; BranchCache™]

12 Deployment

13 Deployment
Distributed
- HQ: Content Server (must run R2)
- Branch: Client (must run Win 7 or R2)
Hosted
- HQ: Content Server (must run R2)
- Branch: Hosted Cache (must run R2)
- Branch: Client (must run Win 7)
Works on Server Core R2 as well!

14 Deployment - Content server
- HTTP server (IIS) - Install the BranchCache feature from Server Manager
- SMB server (File server) – Install the BranchCache role service feature within the file server role using Server Manager
That’s it…

15 Deployment - Client
Identify the “branch”
- An Active Directory Site
- An IP address range
- A collection of specific client computers
Choose how to deploy
- Group Policy
- netsh
Deploy to clients!
- Group policy: Use built-in ADMX files
- netsh: Run netsh branchcache set service distributed on all relevant clients

16 Deployment – Hosted Cache
Set up the hosted cache
- Install the BranchCache feature on an R2 server
- Install a server-auth certificate for use with SSL
- Run netsh branchcache set service hostedserver on the hosted cache
Identify Branch
Choose how to deploy
Deploy to clients!
- Group policy: Use built-in ADMX files
- netsh: Run netsh branchcache set service hostedclient location=<> on all clients

17 Deployment - Summary
- Install BranchCache™ feature on an R2 server
- Group Policy to enable clients
- Optionally, install a hosted cache in your branch
[Diagram labels: Main Office, IIS, File Server, Group Policy Management, Branch Office, Hosted Cache]

18 Additional configuration options
- Enable / disable distributed cache mode
- Enable / disable hosted cache mode
- Set the cache size
- Set the location of the hosted cache
- Clear the cache
- Create and replicate a shared key for use in a server cluster
- And more …
Works in domains and workgroups

19 Monitoring
- Event logs - Operational logs & Audit logs
- Perfmon counters - Client, hosted cache and Content Server
- netsh for querying the infrastructure for potential problems
  - Cache size too small, firewall issues, certificate problems etc
- SCOM pack - for rolling all the information up

20 Demo: BranchCache in Action
Devrim Iyigun, Senior Product Manager, Microsoft Corporation

21 Going Deeper…

22 Content Identifiers
Hashes
- Returned by server
- Segment hashes, Block hashes
- up to ~2000x data reduction
Blocks (B1, B2, Bn): Unit of download
Segments (S1, S2, S3): Unit of discovery
[Diagram: Content divided into segments S1, S2, S3, each divided into blocks B1, B2, Bn]

23 HTTP Integration
[Diagram: client stack (IE, wininet, BranchCache) and server stack (IIS, http.sys, BranchCache); arrows labelled Open URL, “Branch Cache Capable”, Get data, Data and Hashlist (H1 H2 H3 H4 H5)]

24 SMB Integration
[Diagram: Application, CSC Service, CSC Driver, CSC Cache, SMB Client Driver, SMB Server Driver, SMB Hash Generation Service, HashGen Utility and Branch Cache; arrows labelled ReadFile, Prefetch File, Request Hashes, Generate or update hash, Save hashes, Access hashes, Data and Hashlist]

25 How is SSL Optimized?
Client and server stacks, top to bottom, with the state of the data passed between layers:
- IE (client) / IIS (server)
  - Data in clear
- BranchCache, HTTP
  - Data in clear
- SSL
  - Data encrypted
- Sockets
  - Data encrypted
- IPsec
  - Data encrypted

26 Security
[Diagram: hash and key hierarchy, with Client and Server regions]
- Block hashes = Hash(block), for blocks B1, B2, Bn
- Segment hash (SH) = Hash(Blockhashes)
- Private Segment key (SK) = Hash(SH, Ks), where Ks is the server secret key
- Segment discovery key = Hash(SK, SH+“HoHoDk”)
- Encryption key = Hash(SK, “KeKeKe”)

27 Flow – a Security View
- Client requests data from the server, and indicates BranchCache capability
- Server authorizes the client
- Server retrieves metadata (block hashes, segment hashes, private segment key) for the data
- Server sends metadata on same channel as data
- Client computes a segment discovery key
  - Broadcasts on the local network

28 Flow, Continued
- Serving clients receive the broadcast
  - Decrypt the segment hash from the segment discovery key
  - Respond with data availability
- Client requests blocks from the serving client
- Serving client computes encryption key from the segment private key
- Serving client encrypts each block with the encryption key
- Client receives the data
  - Decrypts the data
  - Validates block data against the block hash
  - If valid, returns to application
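
The hash and key hierarchy from the Security slide, together with the block validation step from the flow, as an added example that is not part of the original presentation and is not Microsoft's code. It assumes SHA-256 for Hash(x) and HMAC-SHA256 for the two-argument Hash(a, b), neither of which the slides specify; the 4-byte block size, sample content and server secrets are constructed, and block encryption is left out because the slides do not name a cipher.

```python
import hashlib
import hmac

BLOCK_SIZE = 4  # constructed toy size; the slides do not state a real block size


def H(*parts: bytes) -> bytes:
    """Unkeyed hash over concatenated parts (SHA-256 is an assumption)."""
    return hashlib.sha256(b"".join(parts)).digest()


def keyed(key: bytes, msg: bytes) -> bytes:
    """Keyed hash; HMAC-SHA256 stands in for the slide's two-argument Hash()."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def server_metadata(segment: bytes, ks: bytes) -> dict:
    """Metadata the content server returns on the same channel as the data."""
    blocks = [segment[i:i + BLOCK_SIZE] for i in range(0, len(segment), BLOCK_SIZE)]
    block_hashes = [H(b) for b in blocks]   # Block hashes = Hash(block)
    sh = H(*block_hashes)                   # SH = Hash(Blockhashes)
    sk = keyed(ks, sh)                      # SK = Hash(SH, Ks), keyed by the server secret
    return {"block_hashes": block_hashes, "sh": sh, "sk": sk}


def discovery_key(meta: dict) -> bytes:
    """Value the client broadcasts in the branch: Hash(SK, SH + "HoHoDk")."""
    return keyed(meta["sk"], meta["sh"] + b"HoHoDk")


def encryption_key(meta: dict) -> bytes:
    """Key a serving client encrypts blocks with: Hash(SK, "KeKeKe")."""
    return keyed(meta["sk"], b"KeKeKe")


def validate_block(meta: dict, index: int, data: bytes) -> bool:
    """Check a block received from a peer against the server-supplied block hash."""
    if not 0 <= index < len(meta["block_hashes"]):
        return False
    return hmac.compare_digest(H(data), meta["block_hashes"][index])


if __name__ == "__main__":
    segment = b"constructed sample content"                  # constructed input
    meta = server_metadata(segment, ks=b"server-secret-A")   # constructed secret
    print("discovery key :", discovery_key(meta).hex())
    print("encryption key:", encryption_key(meta).hex())
    print("genuine block :", validate_block(meta, 0, segment[:BLOCK_SIZE]))
    print("altered block :", validate_block(meta, 0, b"XXXX"))
```

Under these formulas the segment hash depends only on the content, while the discovery and encryption keys also depend on Ks, so a client needs the SK issued by the content server before it can find or decrypt cached blocks in the branch.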

29 Security of Data at Rest
Clients
- Cache only contains content requested by the client
- Data in cache ACL’d so that it is only accessible if authorized by the server
- If data leakage is a concern, then use BitLocker or EFS
Hosted Cache
- Cache contains content requested by all branch clients
- Use BitLocker or EFS to encrypt cache as necessary
- All data can be purged from the cache using netsh

30 Announcing BranchCache Ecosystem Partners

31 Microsoft and Riverbed - Better Together
Joint Optimization Solution for Windows 7 users
- Riverbed Steelhead: Leading WAN optimization solution + BranchCache
- Leader in the Gartner magic quadrant
- Accelerate applications: CIFS, MAPI, HTTP/S, TCP, and all other key protocols
- Cut bandwidth use: Save 65 – 95% of WAN utilization
- POLP Licensing Partner, and Windows OEM
- Deliver Windows to the branch with the Riverbed Services Platform (RSP): Offer Windows services such as AD, Streaming, Print, DNS and BranchCache
- Visit Booth 247 for more info
- Riverbed and Microsoft to extend optimization further for Windows 7 users with BranchCache
[Diagram labels: Steelhead Appliance, VM, RSP Virtualization Layer]

32 Blue Coat – BranchCache Support
About Blue Coat
- Application Delivery Network Vendor
- ProxySG for WAN Optimization & Secure Web Gateway
- Leader in Gartner Magic Quadrants: Secure Web Gateway, Sep 2008; WAN Optimization Controllers, Nov 2007
Blue Coat will support BranchCache protocols
- Blue Coat will license Hosted Cache protocols on ProxySG
- Edge site hosted cache for SMB2, SMB signed & IPsec
- Core site proxy for legacy content servers (non-WS 2008 R2)
[Diagram labels: Data Center, ProxySG, WAN, ProxySG, Remote Office]

33 F5 and BranchCache F5 is a player in Application Delivery Networking, with the mission of building network devices that support your applications, ensuring high availability, scalability, performance and security. BranchCache adds to BIG-IP’s WAN acceleration portfolio See a demo of BranchCache on the BIG-IP – visit booth 311

34 New Generation Application Delivery Platform
Application Acceleration & Load Balancing BranchCache Augments AX Native Optimized Caching

35 BranchCache: Enhancing the Windows File Experience
- Delivering best-in-class Windows® files services solution
- Thousands of joint customers using SMB (CIFS) today
- Use ranges from home directories to high performance engineering applications
- Now also supporting SMB 2.0
BranchCache — NetApp® as a Content Server
- Bring remote Windows users closer
- Save on bandwidth and remote administration
NetApp is a gold sponsor – visit their booth!
[Diagram labels: NetApp NAS in the data center, Branch office / remote users]

36 Symantec Support for BranchCache
- World’s 4th largest ISV…
- Found in almost as many Windows environments as Microsoft
- Security, Storage, HA, Backup, Archiving, Data Loss Prevention, Management…
Altiris Server Management Suite from Symantec
- Provide support for monitoring BranchCache on Windows Server 2008 R2
- Provide alerting when problems are detected
- Orchestrate and automate remediation when necessary
[Diagram labels: Branch, Altiris Server Management Suite From Symantec, Corp HQ data center]

37 Forefront Threat Management Gateway in the Branch
Web Proxy & Cache Featuring
- Anti-Virus
- URL Filtering
- HTTPS Inspection
- Network Intrusion Inspection
- Site to Site VPN
TMG & Hosted Cache
- Single Host for TMG & BranchCache (Hosted Cache)
- Standard deployment
- Running on Windows Server R2
[Diagram labels: Main Office, Enterprise Management, Branch Office]

38 To Summarize
- BranchCache™ reduces WAN bandwidth consumed by end users for intranet based HTTP and SMB traffic and improves end user experience
- BranchCache™ accelerates delivery of encrypted and signed content such as when using HTTPS, IPsec, SMB signing and at the same time ensures authorization of users by the server at the central office.
- BranchCache™ doesn’t require additional equipment in the branch offices and can be easily managed using existing systems management technology such as group policy
- BranchCache has a vibrant and growing ecosystem giving customers the choice to pick a solution that works best for their needs

39 Resources Website/TechNet Email
At TechEd, we have booths in the TLC Orange Area Windows Server Branch Office Solutions  - BranchCache Windows Services for the Branch – Partner Solutions

40 Resources www.microsoft.com/teched www.microsoft.com/learning
Sessions On-Demand & Community Microsoft Certification & Training Resources Resources for IT Professionals Resources for Developers Microsoft Certification and Training Resources

41 Related Content Breakout Sessions WSV 403: Enhancing the Branch office experience with Windows Server 2008 R2 Hands-on Labs WSV14-HOL: Windows Server 2008 R2 - BranchCaching

42 Windows Server Resources
Make sure you pick up your copy of Windows Server 2008 R2 RC from the Materials Distribution Counter Learn More about Windows Server 2008 R2: Technical Learning Center (Orange Section): Highlighting Windows Server 2008 and R2 technologies Over 15 booths and experts from Microsoft and our partners

43 Complete an evaluation on CommNet and enter to win!
