Microsoft BranchCache

7/28/2019 Microsoft BranchCache

1/33


2/33


3/33


4/33

1. Problem Background

3. Accelerated Protocols and Workloads

4. Deployment and Management

2. BranchCache Solution Modes

5. BranchCache Protocols and Content Identification

6. Security


5/33

Problem Background


6/33

$$$$$$$$$$

$$

$$$$

$$$$

$$

$$$$

$$ $$$$ $$

$$

$$

$$

$$$$

$$


7/33

Thin, expensive WAN links betweenmain office and branch offices


8/33

BranchCache Solution Modes


9/33

Data

DataIDDataID


10/33

Data

SearchID

ID

IDData

Data

ID

IDIDDataID


11/33

Protocols and Workloads


12/33

Content ServerUses server side Peer Distribution APIs to get identifi

for data. IDs are packed in a Content Informationstructure

Content Information StructureTransmitted over the accelerated protocol insteadof data. Contains everything the client needs tofind data locally.

ClientFeeds the Content Information structure into the clienPeer Distribution APIs to find and download content lo


13/33

Office CopyFile Explorer SharePoint Office BITS

HTTPSMB

BranchCache

3rd Party Applications


14/33


15/33

http.sys

IIS

BranchCache

wininet

OpenURL

Branch CacheCapable

Data

Data

Data

H1 H2 H4 H5Hashlist

HashlistHashlist

Data

Data

H3

BranchCache

IE

Hashlist

Get data


16/33

SMB ServerDriver

SMB HashGeneration

Service

Generate or updatehash

Generate or uhashApplication

CSC Driver SMB Client Driver

CSCCache

Hashlist

CSC Service

BranchCache

DataHashlist

Request

Hashes

ReadFile

Data

PrefetchFile Data

DataAccess h

RequestHashes

Hashlist


17/33

Deployment and Managemen


18/33

Install the optional WindowsBranchCache component on aWindows 2008 R2 web or file server

Use Group Policy to enable WindowsBranchCache on Windows 7 clients

IIS

File Server Group PolicyManagement Hosted Cache

Optionally, install a hosted cache inyour branch. Configure clients touse it with Group Policy


19/33

Distributed CacheData cached amongst clients Hosted CacheData cached at hosted cache server

Enterprise


20/33

BranchCache Protocols and ContIdentification


21/33


22/33

IIS

File Server

PCCRTP - HTTPExtensions for retrieving Content Information over HTTP

PCCRD - DiscoveryBased on WS-Discovery. Findthe same subnet

SMB 2.1Extensions for retrieving Content Information over SMB

PCCRR - RetrievalUsed by a client to download blochosted cache. Also used by the hofrom a client

PCHC Hosted Cache OfferUsed by a client to alert the hosted cache when new blocks

are available.


23/33

Security


24/33

Server authenticates the clientand performs authorizationchecks

Server transmits content information structure tothe client only if the client has access. Transfer

happens over the accelerated protocol.

Client uses content informationstructure to calculate:

-segment id (public)-encryption key (private)

Client multicasts the segmentid to find a peer with the data

Client downloads encryptea peer or the hosted cachethem with the encryption k

Cached datbut can be BitLocker o


25/33

B1

B2

Bn

Hash(block)

HoD = Hash (Blockhashes) Ks

Kp = Hash(HoD, Ks)

Ke = Kp Hash(Kp, HoD +


26/33


27/33

Sockets

SSL

HTTP

IE

Data encrypted

Data in clear

Data in clear

Client Se

IPsec

S

Data encrypted

Data in clear

Data in clear

Data encryptedData encrypted

Data encrypted

Branch Cache Branch Cache


28/33


29/33

Hosted Cache

Clients

All data can be purged from the cache using netsh


30/33


31/33


32/33

http://europe.msteched.com/topic/list/
http://europe.msteched.com/topic/list/http://europe.msteched.com/topic/list/


33/33

Documents

Microsoft BranchCache