This is part 1 of a 2 part post. Part 1 (This one) demonstrates how to install and configure BranchCache while Part 2 will demonstrate how to prove that BranchCache is actually working.
Today I configured one of our smaller branch offices with a slow WAN link to use BranchCache with SCCM for application deployment.
I’m not going to talk about what branchcache is as I am assuming that by reading this post you have already identified a requirement for this feature within your organisation. If, however, you would like to research this further, here are the links to the documentation that I used:
One of the great things about BranchCache is that it takes mere minutes to configure and can be switched on or off at the flick of a switch. (A.K.A GPO deployment!)
Below are the steps I took to implement this feature, and in part two of this post we’ll test it to confirm that it’s working.
1. The first thing I did was to enable Branchcache on the distribution point. To do this, right-click the Distribution point and select properties:
Ticking this will actually install the BranchCache feature for you! Let’s confirm this by running a simple Powershell command:
That’s all that’s required on the server side.
3. The next thing is to configure BranchCache on the clients. This is as easy as configuring and linking a GPO: (Want to Powershell this?)
Open GPMC.msc and navigate to: Computer Configuration -> Policies -> Administrative Templates -> Network -> BranchCache
This is where all of the Group Policy settings reside that we need. At a minimum, you will need to:
- Turn on BranchCache
- Set BranchCache Distributed Cache Mode.
(You will not require any of the hosted cache settings as Configuration Manager only works with Distributed mode)
I only have Win 7 computers at the moment, however, if you have Windows 8.x you may wish to look at the other settings. (‘Set age for segments in the Data cache’ looks particularly useful.)
4. The next item is to configure the inbound and outbound firewall rules on the clients. You can either choose to do this in the same GPO or a separate one – whatever floats your boat.
Still within GPMC.msc then, navigate to : Computer Configuration -> Windows Settings -> Security Settings -> Windows Firewall -> Windows Firewall with Advanced Security
Select ‘Inbound Rules’ and right-click it to select ‘New Rule’:
Then select the ‘Predefined’ radio button:
Now add the following two inbound rules as per the screenshot below:
(Note: I went into the properties of these two rules afterwards to ensure that only the domain profile was selected.)
You now need to do the same for Outbound rules:
5. Make sure you link your GPO’s to the OU that contains the computers that will be used for the BranchCache feature.
6. For any application in Configuration Manager that you want to be able to take advantage of BranchCache, simply ensure that you tick ‘Allow clients to share content with other clients on the same subnet‘ which can be found on the properties of the DeploymentType of each application:
Now at your branch office, the first computer that requests an application will pull it down from your BranchCache enabled Distribution Point and then cache it on it’s local hard drive; other computers at the same branch office can now obtain the content locally. Turning off this feature is as simple as a GPO tweak.
My next post will demonstrate how to see if BranchCache is actually working.