One of the many new features introduced with the Windows Intune June 2012 release was the enablement of Peer Distribution of BITS content. While this is something that is usually thought of as being enabled by the combination of Active Directory, Group Policy and BrancheCache, Windows Intune is delivering this capability without any real infrastructure requirements, apart from having multiple client PCs with the same OS and app requirements on the same subnet.

Enabling Peer Distribution

You need to make sure that the appropriate firewall options are set via the Windows Intune console before you begin. In the following image, you will see the final option, BITS Peercaching, which is the important option to enable for the appropriate network types. In this case, I’ve allowed it on Public networks, only because the test virtual network environment is completely isolated from other traffic, in a real world scenario you wouldn’t enable this option.

Firewall Policy

Now that it’s set, make sure you apply the policy as needed, and refresh the policies on the required machines to make sure they get the setting sooner rather than later.

How To Tell If Peer Distribution Is Working

There are several ways, with the first including watching your internet traffic usage as new clients come online and download updates. If there are other active devices on the network, this could be hard to judge. In my isolated TMG Windows Intune test network I can monitor incoming and outgoing traffic on the appropriate NICs quite easily, and generally speaking, if I see lots of traffic, I know it’s not working. If I see hardly any traffic, yet the clients are pulling down several hundred megabytes of updates, I know that things are working well.

Secondly you can monitor how quickly the updates are being delivered to the client when you manually check. If the incoming traffic is faster than your connection allows, that’s a pretty good sign that it’s working. This isn’t the easiest one in the world to judge if you have a fast connection and the results could be interpreted either way.

That leaves the third option, which give a much more definitive answer, and without resorting to any command line utilities or advanced network tools. All you need is the Network Tab within Resource Monitor from within Windows 7, and you’re set.

Peerdist Resource Monitor

Looking carefully at this image, you can see that PeerDist is retrieving the content from the other machines on the network. By pulling from multiple machines at once, your client will receive the updates as quickly as possible, and without placing a huge load on each of the other PCs. All up this machine needed over 350MB of updates, which were easily delivered by other PCs on the network. Faster downloads and installations, and leaving your internet connection less utilised is an all around winner in anyone’s books.

In case you’re wondering, the 350MB of updates are all of the post Windows 7 SP1 updates, along with all of the .Net Framework updates, and other recommended updates – not just security or critical updates.

Getting The Most Out Of Peer Distribution

What makes for a good Peer Distribution environment? Firstly, the other machine or machines on the network with the content that you want need to be powered on. If you are in an environment where people tend to have all of their PCs turned on at the same time as your PC, you should see a benefit. Next, you need other PCs to be running the same OS as yours to benefit from PeerDist with Windows Updates that you approve through Windows Intune.

A network with one Windows XP 32 bit PC, one Windows XP 64 bit PC, one Windows Vista 32 bit PC, one Windows Vista 64 bit PC, one Windows 7 32 bit PC and one Windows 7 64 bit PC is not going to save you a huge amount of bandwidth on Patch Tuesday. All is not lost though, as you will find that some updates, such as .Net Framework and others, apply across multiple versions of operating systems, so there will still be some net benefit.

This scenario highlights that having a Standard Operating Environment, or at least minimising the number of client operating systems installed, is going to make this process more effective. In a Windows 7 environment, you only need Windows 7 Pro or higher installed for this feature to be enabled, so you don’t even have to roll out your Windows 7 Enterprise (or soon Windows 8 Enterprise!) upgrades in order to deliver this service.

You will always need to bring down each update at least once (twice or more if the machines hosting that update are unavailable when other machines require them), but the potential for bandwidth savings here are huge. As we move to a world where we are consuming more and more cloud service, any bandwidth savings we can make are a step in the right direction!

Now that you’ve got an understanding of the benefits, next up will be a review of two methods of distributing the Office 2013 beta, and whether PeerDist delivers…