Windows Server 8 Beta BranchCache Early Adopters Guide

							          Windows Server® “8” Beta
       BranchCache Early Adopters Guide
                  Network Optimization with BranchCache


Microsoft Corporation
Published: March, 2012
Author: Tyler Barton


Contents
1 INTRODUCTION                                                                           2
 1.1   Scenario                                                                              2
 1.2   Technical Overview                                                                    2

2 REQUIREMENTS                                                                           3
3 STEP-BY-STEP INSTRUCTIONS                                                              4
 3.1   Installing and Enabling BranchCache with Windows 8                                    4
   3.1.1   Enabling BranchCache with Group Policy and Automatic Hosted Cache Discovery       4
   3.1.2   Deploy the Hosted Cache Server in your Branch Office                              7
   3.1.3   Verify Client Settings                                                            7
 3.2   Deploy BranchCache Enabled File and Web Servers                                       9
   3.2.1   End-to-End Data Deduplication                                                     9
 3.3   Deploy Multiple Hosted Cache Servers                                                  9
 3.4   Prehashing and Preloading Content                                                 10
   3.4.1   Preparing a Data Package                                                      11
1 Introduction
1.1 Scenario
Cloud computing and server consolidation reduce the cost and complexity of an IT infrastructure, but
they also increase the amount of communication over slow Wide Area Network (WAN) connections.
Added latency hurts productivity, and greater bandwidth consumption over the WAN connection
increases networking costs. Network upgrades are often needed to keep up with the increased network
traffic load.

1.2 Technical Overview
BranchCache in Windows Server® “8“ Beta and Windows 8 Consumer Preview caches file, web, and
application content at branch office locations, allowing client computers to access data using the local
area network (LAN) rather than accessing the content over slow WAN connections.

BranchCache reduces both WAN traffic and the time that is required for branch office users to open files
on the network. BranchCache always provides users with the most recent data, and it protects the
security of your content by encrypting the caches on the hosted cache server and on client computers.

BranchCache was first introduced in Windows 7 and Windows Server 2008 R2, and is improved in
Windows Server “8“ Beta and Windows 8 Consumer Preview. For more information about BranchCache
in Windows Server “8“ Beta and Windows 8 Consumer Preview, including security information and a
comprehensive list of new features, see BranchCache overview.

Note

          For information about BranchCache in Windows 7 and Server 2008 R2, see
           http://branchcache.com and BranchCache for Windows Server 2008 R2.

With the following new BranchCache features in Windows Server 8, you can now deploy BranchCache in larger branch
offices:

  • Deployment of multiple hosted cache servers. Windows Server 8 provides the ability to scale hosted cache–
     mode deployments for offices of any size by allowing you to deploy as many hosted cache servers as are needed
     at a location.

  • Improved database performance. BranchCache now uses the Extensible Storage Engine (ESE) database
     technology that powers Microsoft Exchange Server. This allows a single hosted cache server to meet the
     demands of more people while using the same hardware. It also allows a hosted cache server to store
     significantly more data (on the order of terabytes), which is necessary to provide high optimization for large
     organizations.

New tools and a simplified deployment model make BranchCache more effective, easier to implement, and less
expensive to operate because:

  • BranchCache no longer requires office-by-office configuration. Deployment is streamlined because there is
     no requirement for a separate Group Policy object (GPO) for each location. Only a single GPO that contains a
   small group of settings is required to deploy BranchCache in any size organization, from a small business to a
   large enterprise.

 • Client computer configuration is automatic. Clients can be configured through Group Policy as distributed
   cache–mode clients by default; however, they search for a hosted cache server, and if one is discovered, clients
   automatically self-configure as hosted cache-mode clients.

 • Cache data is kept encrypted, and hosted cache servers do not require server certificates. BranchCache
   security provides improved data encryption and other technologies, providing data security without requiring a
   public key infrastructure or additional drive encryption.

 • BranchCache provides tools to manipulate data and preload the content at remote locations. Now, you can
   push content to branch offices so that it is immediately available when the first user requests it. This allows you
   to distribute content during periods of low WAN usage.

 • BranchCache is deeply integrated with the Windows file server. BranchCache uses Windows file server’s
   state-of-the-art technology to divide files into small pieces and eliminate duplicates. This greatly increases the
   chance of finding duplicate pieces in independent files, resulting in greater bandwidth savings. BranchCache is
   also more tolerant of small changes in large files.

 • File division calculations are performed only one time and may be done offline. When a client computer
   that is running Windows 8 downloads content from a file server or web server that is running Windows Server 8
   and is using new disk deduplication technology, there is no need for BranchCache to calculate how to divide the
   content because the file server and web server have already made these calculations. Content information is
   calculated offline, well before a BranchCache client requests a file. This provides faster performance and more
   bandwidth savings because content information is ready for the first client that requests the content and
   calculations have already been performed.

 • BranchCache is now manageable with Windows PowerShell and Windows Management Instrumentation
   (WMI). This enables scripting and remote management of BranchCache content servers, hosted cache servers,
   and client computers.



2 Requirements
 • File and web servers (content servers) must be running either Windows Server 2008 R2 or Windows Server “8“
   Beta to provide BranchCache functionality. Windows 8 clients will continue to see benefits from BranchCache
   when accessing content servers that are running Windows Server 2008 R2, however they will be unable to make
   use of the new chunking and hashing technologies in Windows Server 8.

 • Clients must be running Windows 8 Consumer Preview to make use of the new deployment model and the
   chunking and hashing improvements that are described in this document.

 • Hosted Cache Servers must be running Windows Server “8“ Beta to make use of the deployment improvements
   and scale features described in this document. A computer that is running Windows Server “8“ Beta that is
   configured as a hosted cache server can continue to serve Windows 7 clients, but to do so, it must be equipped
   with a certificate that is suitable for Transport Layer Security (TLS), as described in the BranchCache Deployment
   Guide for Windows Server 2008 R2 and Windows 7.

 • An Active Directory Domain is required to take advantage of Group Policy and hosted cache automatic
   discovery, but a domain is not required to use BranchCache. You can configure individual computers by using
   Windows PowerShell.
  • Active Directory Sites are used to limit the scope of hosted cache servers that are automatically discovered. To
    automatically discover a hosted cache server, both the client and server computers must belong to the same site.

    BranchCache is designed to have a minimal impact on clients and servers and does not impose additional
    hardwarerequirements beyond those needed to run their respective operating systems.



3 Step-By-Step Instructions
3.1 Installing and Enabling BranchCache with Windows 8
The following steps explain how to setup BranchCache. This guide makes use of the new deployment
features in Windows 8, including simplified hosted cache server setup and automatic hosted cache
server discovery. Note that the deployment model described in the Windows 7 / Server 2008 R2
BranchCache deployment guide is still valid and may be used with Windows 8 / Windows Server 8
machines.

3.1.1 Enabling BranchCache with Group Policy and Automatic Hosted Cache Discovery
BranchCache can now be deployed without office-by-office configuration. A single group policy object
can be used for all the Windows 8 client computers in an enterprise. In this section, we’ll author a group
policy object that instructs clients to enable BranchCache and to attempt automatic discovery of nearby
hosted cache servers by looking for service connection points. If a server cannot be found, clients will
fail back to the infrastructure-less distributed cache mode.

The following steps explain how to author policy to configure BranchCache:

    1. Connect to your Domain Controller and start “Group Policy Management” or start “Group Policy
       Management” from a machine with the ability to remotely author group policy objects.
    2. The group policy object described here may be linked at the domain root or OU level to achieve
       maximum effect. Browse to the target domain or OU, right click and choose “Create a GPO in
       this domain, and Link it here….”
3. Assign the object a name of your choice. In this guide we will assume you name the object
    “Enable BranchCache.”
4. Right click the “Enable BranchCache” object and choose “Edit”
5. Browse to the BranchCache administrative template (Computer Configuration > Policies >
    Administrative Templates: Policy definitions (ADMX files) retrieved from the local machine. >
    Network > BranchCache)
6. Double click on the “Turn on BranchCache” policy.
7. Select the “Enabled” radio button and click “ok”
8. Double click on the “Set BranchCache Distributed Cache mode” policy
9. Select the “Enabled” radio button and click “ok”
10. Double click on the “Enable Automatic Hosted Cache Discovery by Service Connection Point”
    policy
11. Select the “Enabled” radio button and click “ok”
The following steps explain how to configure the Windows Firewall to permit BranchCache traffic.

1. Browse to the firewall configuration snap-in (Computer Configuration > Policies > Windows
   Settings > Security Settings > Windows Firewall with Advanced Security > Windows Firewall
   with Advanced Security > Inbound Rules)
2. From the “Action” menu select “New Rule”
3. Click the radio button next to “Predefined” and select “BranchCache - Content Retrieval (uses
   HTTP) from the pull down menu. Click “Next”
4. Click “Next” at the following screen, then ensure that the radio button next to “Allow the
   connection” is selected before proceeding. Click “Finish”
5. From the “Action” menu select “New Rule”
6. Click the radio button next to “Predefined” and select “BranchCache – Peer Discovery (WSD –
   In)” from the pull down menu. Click “Next”
7. Click “Next” at the following screen, then ensure that the radio button next to “Allow the
   connection” is selected before proceeding. Click “Finish”
    8. Close the “Group Policy Management Editor”

3.1.2 Deploy the Hosted Cache Server in your Branch Office
It’s no longer necessary to equip a hosted cache server with a certificate, or to use drive encryption
technologies to keep cached data safe. BranchCache automatically encrypts cached data, and because
the hosted cache server doesn’t need to decrypt data, it no longer needs a certificate for secure
communication with clients.

First, the BranchCache feature must be installed on the Windows 8 Server that will act as a hosted cache
server in your branch office.

    1. Start PowerShell with administrative privileges and type the following commands:

        PS C:\> Import-Module ServerManager
        PS C:\> Add-WindowsFeature -name BranchCache
        PS C:\> Import-Module BranchCache


    2. The following command will enable hosted cache server mode and will instruct this machine to
       register its presence for automatic client discovery:

        PS C:\> Enable-BCHostedServer –RegisterSCP



    3. You can verify the operational mode of this machine using PowerShell:

        PS C:\> Get-BCStatus



3.1.3 Verify Client Settings
Clients will automatically download group policy and attempt to discover hosted cache servers every so
often. BranchCache will not discover configuration and new hosted cache servers instantaneously, but
instead will do so periodically. This is to minimize load on Active Directory. To proceed immediately,
you may force a group policy refresh and restart the BranchCache service to prompt a search for the
hosted cache server that was deployed.

The following steps explain how to verify correct client configuration

    1. Connect to a client computer.
    2. Start PowerShell with Administrative privileges
    3. Force a group policy refresh by typing the following command:

        PS C:\> gpupdate /force
    4. Restart the BranchCache service to force the immediate discovery of the hosted cache server by
       typing the following commands:
   PS C:\> net stop peerdistsvc
   Note that the BranchCache service (peerdistsvc) may already be stopped.

   PS C:\> net start peerdistsvc


5. Inspect the current BranchCache operational mode by typing the following command:

   PS C:\> get-BCStatus


6. Near the beginning of the output of this cmdlet, look for the “CurrentClientMode” field under
   the “ClientSettings” header. It should read “HostedCacheClient.”
3.2 Deploy BranchCache Enabled File and Web Servers
The BranchCache feature must be installed on Web servers and the BranchCache for Network Files Role
Service must be installed on File servers. Content server deployment is unchanged in Windows Server 8.
To deploy your content servers with Windows Server “8” Beta, you can use the procedures that are
provided in the section Install and configure content servers in the BranchCache Deployment Guide for
Windows Server 2008 R2 and Windows 7.

3.2.1 End-to-End Data Deduplication
Improvements to chunking and hashing that enable greater bandwidth savings do not require explicit
configuration. These improvements are available automatically, and will benefit communication
between Windows 8 clients and Windows Server 8 content servers. No explicit configuration is
necessary. After enabling disk data deduplication on a File server, BranchCache automatically uses pre-
calculated block boundaries and hashes to optimize the disk.

3.3 Deploy Multiple Hosted Cache Servers
Multiple hosted cache servers can be used in a single location to serve more clients and cache more
data. When retrieving data, a client will query all hosted cache servers nearby, but clients will only
upload new data to one, randomly chosen hosted cache server.

3.3.1.1 Automatic Client Configuration
If you follow the steps described in sections 3.1.1 and 3.1.2, and enable the automatic discovery of
hosted cache servers, no additional configuration is necessary. Each hosted cache server will register it’s
presence. Clients will automatically detect multiple hosted cache servers and use them appropriately.
You can example client configuration using the Get-BCClientConfiguration cmdlet. All available hosted
cache servers will be listed:




3.3.1.2 Explicitly Configuring a Hosted Cache Server List
You can configure a client to use a list of hosted cache servers using group policy or using the Enable-
BCHostedClient cmdlet with the –ServerNames parameter.
3.4 Prehashing and Preloading Content
New PowerShell cmdlets allow you to force file and web servers to calculate hashes for data ahead of
time, before the first client access. These tools can also be used to gather the data on file and web
servers into packages that can be transferred to remote hosted cache servers. This provides a means for
preloading remote hosted cache servers so that data is available for the first client access.

   1. Logon to the file or web server housing the data that you wish to preload and identify the
      folders and files that you wish to load on the remote hosted cache server.
   2. For each folder and file, invoke the Publish-BCFileContent cmdlet or the Publish-BCWebContent
      cmdlet to trigger hash generation and to add data to a data package.
   3. When all the data has been added to the data package, export it using the Export-
      BCCachePackage cmdlet to produce a data package file.
    4. Move the data package file to the remote hosted cache server using your choice of file transfer
       technology. FTP, SMB, HTTP, DVD and portable hard disks are all viable transports.
    5. Import the data package file on the remote hosted cache server using the Import-
       BCCachePackage cmdlet.




3.4.1 Preparing a Data Package
A data package is a compressed volume containing data from a single file or web server. The Publish-
BCFileContent and Publish-BCWebContent cmdlets can be used to force hash generation and add data in
a folder to a staging area when the /StageData option is specified. These cmdlets can be called multiple
times on multiple folders. Each time the cmdlet is called with the /StageData flag, the target files will be
accumulated in a staging area. When you have run these cmdlets on all the folders containing data you
wish to preload, you can export everything that was accumulated in the staging area.

3.4.1.1 Preloading Example
In this example, we’ll use the BranchCache PowerShell cmdlets to prepare a package of web content for
export.

    1.    On the webserver, identify the content you wish to preload. In this case, well take the entire
         contents of D:\inetpub\wwwroot. If there were other folders on the machine containing data
         we wished to prepare for preloading, we would call the Publish-BCWebContent cmdlet multiple
         times, once per folder.
2. After we’ve identified and hashed all the data we wish to preload, we will call Export-
   BCCachePackage to produce a file that can be preloaded on the remote hosted cache server.
   This cmdlet will produce a data package and a reference catalogue. The reference catalogue can
   be used if this process is followed again later, with only subtle differences in the data we wish to
   preload.




3. The data package must be transported to the remote hosted cache server(s). This is not covered
   here. The data package may be transported using a number of network protocols (ex: HTTP,
   SMB, FTP) or may be moved on physical media (CD, portable hard disk).

    Once the data package has been transported, it must be loaded into the cache on the hosted
    cache server.
4. At a later time, we may make subtle changes to the original content set on the webserver.
   Suppose we add a new directory called NEW_IMAGES, containing files that were not preloaded
   in the original package. We might want to ensure that this web site is preloaded on remote
   hosted cache servers, but we may not want to waste resources preloading some of the same
   content again. We only wish to transmit the new data. Instead of keeping track of all of the
   individual files transported in the old package, we can use the reference file produced in step 2
   as input. If we do so, only data NOT included in the original package will be placed in this new
   package.




    The resulting cache package will only contain data that was not transported in the previous
    iteration of this process