Microsoft Endpoint Manager and Delivery Optimization

Posted on by No Comments ↓

This post has been republished via RSS; it originally appeared at: Core Infrastructure and Security Blog articles.

 

Hello everyone! I´m Stefan Röll, Customer Engineer at Microsoft Germany for Microsoft Endpoint Manager. In my last Delivery Optimization Blog, I wrote about how you can test Delivery Optimization in your Organization. After many discussions with customers, I have noticed that it is not always clear when Delivery Optimization can be used, so I made a couple of tests and here are my results.

 

TL;DR

Delivery Optimization can be used to optimize setup and update downloads for various products. However, it is important to understand in which scenarios it can be used to optimize traffic. The table below will give you a quick overview. For more details continue reading.

 

What is Delivery Optimization?

Delivery Optimization (DO) is a service that consists of multiple components. It has the goal to minimize the traffic that is downloaded from internet to your internal network by caching and sharing content internally.

The Delivery Optimization service is hosted in the cloud and the Delivery Optimization downloader on Windows 10 uses information provided by the cloud service to find peers in the local network.

However, the Delivery Optimization Downloader can also be used to download Content without seeking for Peers or without contacting the cloud service.

For example, in VPN scenarios the Delivery Optimization Downloader is still downloading the content, but not sharing content with peers.  When a different download method like Background Intelligent Transfer Service (BITS) is used, the download will never be optimized via Delivery Optimization.

 

What is Microsoft Connected Cache?

Microsoft Connected Cache (MCC) is an extra component that you can install in your company network. It provides an additional caching source inside your network for your clients to have even better caching results. Right now, the MCC is only available as an additional component on Configuration Manager (ConfigMgr) Distribution Points but might be available as standalone container in the future.

The challenge with MCC is that clients need to find this caching server. In a ConfigMgr environment it can be automatically configured via the Boundary Group configuration.  If you don't use ConfigMgr, you can manually configure the MCC to be used by clients via Group Policy or Configuration profiles in Intune.

However, these entries are always static and not ideal for roaming clients. But the solution to this is already here. For Windows 10 2004 and above you can configure an DHCP Option to provide the clients the nearest MCC.

 

Which content can I download over Delivery Optimization?

Now the things can get a little difficult. It is always important to remember which downloader is used for content - DO or BITS.

ConfigMgr uses BITS by default but can be forced to use DO in some scenarios.

Windows Update in Windows 10 uses DO by default - every content that is downloaded via the Windows Update agent can be optimized via DO.  Office Click2Run (2019 + 365) can use DO since version 1912 for the installation. Office Updates work with DO for quite a while now.  Unfortunately, not everything works with MCC yet, so let's get into the details:

 

 

Product

Workload managed via Intune

Workload managed via ConfigMgr

Microsoft Updates

DO + MCC

DO 1

Windows 10 Upgrades

DO + MCC

DO (via Servicing) 1

Office 365 Installs

DO + MCC

DO + MCC (via CDN) 2

Office 365 Updates

DO + MCC

DO not supported  3

Store and Store for Business Installs/Updates

DO + MCC

DO + MCC 4

Intune Win32 Apps

DO + MCC

N/A

Microsoft Edge Updates

DO not supported 5

DO 6

Defender Definition Updates

DO + MCC

DO (via MECM) / DO + MCC (via WU)  7

All tests were performed on Win 10 20H2 19042.928 and ConfigMgr 2103 5.00.9049.1010 in May 2021

 

 

1) Microsoft Updates and Upgrades via ConfigMgr

For Microsoft Updates and Upgrades, DO can only be used if you enable 'download delta content' in the Client settings and the content is not available on internal DPs. See my other Blog post for details.

 

2) O365 Installs via ConfigMgr

Office 365 Installs can only be optimized via DO in ConfigMgr if the Content is downloaded from the Content Delivery Network (CDN) and not from internal Distribution Points. See my other Blog post for details.

 

3) O365 Updates via ConfigMgr

When you deploy O365 Updates over ConfigMgr, DO will never be used. The current implementation of the Delta Downloader does not support O365 content.

 

4) Store and Store for Business Installs and Updates via ConfigMgr

Microsoft Store Apps deployed via ConfigMgr use DO + MMC when deployed in Online mode. Offline Apps (where the content is stored on your local DPs) cannot use DO + MCC.

 

Picture1.png

 

5) Microsoft Edge Updates via Intune

If you don´t mange Microsoft Edge Updates via ConfigMgr, the internal Updater from Microsoft Edge is used. Unfortunately, this Updater doesn’t support DO.

 

6) Microsoft Edge Updates via ConfigMgr

If you use ConfigMgr to Update Microsoft Edge you need to disable automatic Updates inside Edge. Updates for Microsoft Edge are deployed as regular Microsoft Updates via ConfigMgr and therefore DO can only be used if you enable 'download delta content' in the Client settings and when the content is not available on internal DPs.

 

7) Defender Definition Updates via ConfigMgr

If you manage Defender Definition Updates via ConfigMgr, it depends on which Update Source you configured if DO can be use. If you configure ‘Microsoft Update’ as source, DO+MCC can be used. But keep in mind that you might need to reduce the File Size cached by DO via Group Policy or Configuration profiles in Intune. If you configure ‘Configuration Manager’ as source, DO can only be used if you enable ‘download delta content’ in the Client settings and the content is not available on internal DPs.

 

 

Summary

When you manage your Clients over Intune, DO and MCC can be used for almost all scenarios without complex configuration. If you manage your Clients with ConfigMgr, you need to know in which situations DO + MCC can be used.

I hope my blog helps you to understand the behavior a bit better.

 

Happy Caching!

 

Stefan Röll

Customer Engineer - Microsoft Germany

 

 

Resources: 

Stay current while minimizing network traffic: The power of Delivery Optimization

https://myignite.techcommunity.microsoft.com/sessions/81680?source=sessions

Delivery Optimization reference

https://docs.microsoft.com/en-us/windows/deployment/update/waas-delivery-optimization-reference

Delivery Optimization and Office 365 ProPlus

https://docs.microsoft.com/en-us/deployoffice/delivery-optimization

Optimize Windows 10 update delivery with Configuration Manager

https://docs.microsoft.com/en-us/configmgr/sum/deploy-use/optimize-windows-10-update-delivery

Microsoft Connected Cache in Configuration Manager

https://docs.microsoft.com/en-us/configmgr/core/plan-design/hierarchy/microsoft-connected-cache

Modern Content Distribution: Microsoft Endpoint Manager and Connected Cache

https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/modern-content-distribution-microsoft-endpoint-manager-and/ba-p/1148669

 

Disclaimer:

This posting is provided "AS IS" with no warranties and confers no rights

 

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.