Windows Software Update Services (WSUS) is commonly used to distribute security patches and updates for Windows operating systems and Microsoft applications. WSUS is a web application that runs within Internet Information Services (IIS) on Windows Server. When client computers require updates WSUS is a local source of updates and clients do not need to download updates from Microsoft Update on the Internet. To further conserve network bandwidth, WSUS servers use the Background Intelligent Transfer Service (BITS) to transfer updates efficiently using idle bandwidth whenever possible.
Networks that consist of large main office sites hosting WSUS servers and small branch office sites consisting primarily of client computers often need to reduce the amount of network traffic across the main office to branch office WAN link. BranchCache, a new feature only available on Windows 7 Enterprise, Ultimate editions and Windows Server 2008 R2 can be used to ensure that any update file is only transferred once between main office an branch regardless of the number or branch office clients.
To enable BranchCache on a Server 2008 R2 WSUS server use Server Manager to add the BranchCache feature. Client computers can be configured using the Netsh BranchCache commands or, on large numbers of computers using Group Policy. Before a Windows 7 computer downloads an update from WSUS at the main office it uses WS-Discovery, a multicast-based protocol to see if the update has been already downloaded and cached by another computer at the branch. A nice bonus to enabling BranchCache is that it can also be used with file servers and other web applications.
A terrific resource for implementing BranchCache is Microsoft’s early adopter’s guide, which can be downloaded from:
Author: Mark Menges