I attended an event last night hosted by Windows Server User Group (WSUG) @ Microsoft UK, London Victoria.
It was hosted by Joey Snow from Microsoft in Redmond.
The nuts of it is:-
BrancheCache is used for WAN optimisation where remote branch offices already use the WAN to download from HTTP (Sharepoint/IIS etc) or File Sharing servers in a remote datacentre.
It does not protect users from WAN failure as a connection to the remote server is always required each and everytime a file is accessed.
There are two decision points to use either:-
1/ Hosted
- Requires a local 2008 R2 Server to perform the caching
- Local 2008 R2 Server requires a SSL Certificate, trusted by the local Windows 7 clients
- Use Group Policy to configure the local Windows 7 clients to use the local cache server
- Files can be seeded on the local cache server
2/ Distributed
- Using local Windows 7 client computers only, no server
- Peer to peer broadcasts on current subnet only
- Configured using Group Policy
- Really should use BitLocker to encrypt the client drives or EFS to encrypt the cache file
- As each client computer is shutdown the cache becomes unavailable
Both options require the remote datacentre server is running 2008 R2 with Branchcache feature enabled and only Windows 7 clients can utilize the feature.
The feature is secure and only users with permission can access files and the cached files are stored in a single file similar to Offline files.
BranchCache only works on files over 64k, this rules out caching most logon scripts from domain controllers.
The cache file is stored in the Network Service profile and are protected by ACL's only.
I don't recommend you use it for roaming profiles file servers either as it will only help users that log on to multiple computers at the same time.
There are already other options for optimizing branch office WAN performance and these include Read-Only domain controllers, Distributed File System (DFS) and Folder redirection with Offline Files
I have to be honest and I can only see one use for this in a business, that is a small branch office that has no budget for local infrastructure and is currently really struggling with a maxed out WAN connection. If the branch office has budget wouldn't you install a 2008 R2 Server as a local File Server running Read-only domain controller and DFS up to the datacentre for backups.
I'd recommend enabling Transparent caching on all branch office Windows 7 clients combined with BitLocker if this data could be sensitive as it has no dependencies on 2008 R2 and is transparent to the users.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment