Tip

BranchCache makes branch offices feel like home

Searching for a singular business reason to accelerate your upgrade to Windows 7? Look no further than with Windows Server 2008 R2's new BranchCache feature.

BranchCache creates an automated infrastructure for caching documents right within your individual branch offices. Once a remote document is accessed by a branch office desktop, that document is then cached in the remote location. Any future request for the document is automatically referred to its new second home instead of its far-away remote source.

The primary reason for local caching is speed. Caching documents to a local storage area dramatically reduces their load time. If a needed document is locally available, a requesting client will automatically load that document from the local cache instead of going over the wire. Since the document doesn't need to traverse the WAN, the net result for users is a dramatic improvement in performance with no extra outlay in network hardware.

Particularly powerful in Microsoft's implementation is the level of automation available right out of the box. The entire

Requires Free Membership to View

BranchCache infrastructure is designed to be a "set it and forget it" implementation. Once turned on, clients are automatically redirected to local copies of requested documents with no further involvement by administrators or change to user behaviors. This means that BranchCache runs virtually invisible; quietly redirecting users to close-in copies while preserving precious WAN bandwidth.

Today, BranchCache is only available with the combination of Windows 7 and Windows Server 2008 R2, making it a strong OS upgrade justification for distributed businesses who suffer from slow network links.

How does it work?

If your network is comprised of a single location, or multiple locations with exceptionally fast connections between, you should stop reading now. BranchCache isn't meant for you. For the rest of us, we likely support a high-speed LAN in the main office, but comparatively slow connections out to our remote locations.

Think for a minute about this kind of network. Employees who work in the main office can use documents quickly and efficiently because they're on the local LAN, but other users in remote offices don't enjoy the same performance. Working with a Word document or Excel spreadsheet on a remote file server can be exceptionally painful. Often, connections are so slow that users are forced to download the document, update it, and upload it when complete -- a multi-step process that can take several minutes per document. Users who work this way are not efficient, and generally quite unhappy.

BranchCache solves this problem by automatically caching a document once it is accessed. This means that while the first attempt to access a document still requires WAN traversal, subsequent accesses can occur from a speedy local cache.

Here's how it works.

Let's assume that a remote office client needs to access a document on a file server in the main office. The client issues a request for the file to a BranchCache-enabled file server. That server responds first by returning a tiny set of identifying data that describes the "chunks of content" that the client wants. The client then uses these clues to search its local network for a computer that has already downloaded the content.

It is here where Microsoft's BranchCache implementation really shines. BranchCache smartly allows for two different ways to locally cache that desired content. The first, called Hosted Cache mode, uses a specially-identified server that runs the BranchCache feature and is housed in each remote office. This server becomes the central storage location where clients can look to find any documents that have been cached locally.

But some environments can't afford to buy a separate server for each remote office. Others may have remote offices that are so small that local servers don't make sense. In either of these cases, BranchCache can alternately be configured into Distributed Cache mode. In this mode, each individual Windows 7 computer in the remote office is configured to host its own mini-cache. Designed for small remote offices with less than 50 computers, this Distributed Cache mode securely makes your desktops do the work without the cost of an extra server.

There are obvious benefits and gotchas associated with both solutions. While Distributed Cache mode doesn't require an extra server, it does require a small bit of extra processing power on each computer as well as extra disk space to store each computer's mini-cache. Requests for locally-cached documents in Distributed Cache also require the WS-Discovery protocol, which is a multicast protocol sent over UDP that effectively limits each caching boundary to an individual subnet. It is because of these extra needs that Distributed Mode is generally limited to very small branch offices with few users.

More on this topic

Check out our Windows 2008 R2 topic page for all the latest news and tips.

Hosted Cache mode obviously requires the purchase of an additional server and Windows Server 2008 R2 license for each branch office (or the enabling of the service on an existing server). But doing so consolidates all cached document copies into one place. Further, Hosted Mode enables clients to directly contact that server rather than multicast around the network. Because directed connections are used with Hosted Cache mode, there are no subnet limitations.

In either case, the BranchCache feature must be installed onto any file servers that will participate. Participating file servers must run Windows Server 2008 R2 and have the File Services role installed with the BranchCache for Network Files role service enabled.

By default, individual file shares must be tagged for BranchCache support as well. This is done within the Share and Storage Management console's Caching tab. There, select Enable BranchCache to configure the share for caching. Clients can be configured individually using the netsh command, or via Group Policy.

Secure and pervasive

BranchCache works with HTTP documents as well as traditional documents accessed through SMB. Particularly useful is its position below both the HTTP and SMB protocols in the Windows stack.

By operating at a level below both of these protocols, any tool that leverages the Windows stack for SMB or HTTP traffic will automatically and invisibly leverage BranchCache. This means that common applications like Robocopy, Windows Media Player, Internet Explorer, Flash, and Silverlight will all automatically make use of local copies if they are available. Neither you the administrator nor your users need to change behaviors in any way to make use of this infrastructure.

Security is also a concern with this service's potential for distributing documents all around your network. Built into the BranchCache service are security measures for protecting data both while it sits in cache locations and when it crosses the network.

First, BranchCache is designed to respect existing NTFS permissions on documents. Clients that attempt to access a document must be authenticated and authorized by the remote content server before any further steps are taken. Data sent from a cache storage location to a requesting computer is encrypted using AES 128. While stored in the clear by default, the cache storage location itself can be further protected by implementing BitLocker or EFS on each computer's cache file.

Two well-written documents are available that can help usher you into a new era of high-performance distributed file sharing. Both are available for download from Microsoft's website. The first is titled BranchCache Technical Overview. The second document contains more detailed installation information and is dubbed BranchCache Early Adopter's Guide.

Since BranchCache requires Windows Server 2008 R2 on any file servers and hosted cache servers, adding this service will require a server upgrade, and once again, clients must be running Windows 7 to participate. Yet this "set it and forget it" mechanism to squeeze more performance out of existing WAN lines is one feature that absolutely compels an upgrade.

If you're currently suffering from poor performance at your remote offices, consider BranchCache as your no-added-cost solution for improving user satisfaction.

Next: AppLocker in Windows Server 2008 R2

ABOUT THE AUTHOR:  Greg Shields, Microsoft MVP, is a partner at Concentrated Technology. Get more of Greg's Jack-of-all-Trades tips and tricks at www.ConcentratedTech.com.

This was first published in August 2009

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.