BranchCache is a feature of Microsoft Windows 7 which can be utilized for businesses that operate from multiple office locations. BranchCache provides a file caching service for professional network administrators which works by enabling Windows servers to automatically retrieve and distribute the local copies of files which are being accessed remotely by Windows 7 clients.
BranchCache can help increase the network responsiveness of centralized applications when they are accessed from remote offices, so that users in those offices have an experience similar to working on their local area network. BranchCache also helps in reducing WAN utilization. When you enable BranchCache, a copy of data accessed from intranet Web and file servers is cached locally in the branch office. When another client on the same network requests that file, the client downloads it from the local cache without downloading the same content over the WAN link.
Your system must meet the following requirements to use BranchCache:
Client computers must use Windows 7, with the BranchCache feature enabled on it.
Web servers and File servers must use Windows Server 2008 R2, with the BranchCache feature enabled on it.
BranchCache can operate in one of two modes:
Distributed Cache uses a peer-to-peer architecture. Distributed Cache is beneficial for branch offices that do not have a local server.
Hosted Cache uses a client/server architecture. Client computers cache content to a computer on the local network running Windows Server 2008, which is known as the Hosted Cache. Other clients who need the same content can retrieve it directly from the Hosted Cache. The Hosted Cache computer can run Windows Server 2008 and can also host other applications.
Hosted Cache Mode:
The Hosted Cache is a repository of data which has been downloaded from BranchCache enabled servers in the branch office by BranchCache enabled clients. Hosted Cache mode does not need a dedicated server. The BranchCache feature can be enabled on any server with Windows Server 2008 R2, which is located in a branch. BranchCache can be set up as a virtual workload and run on a server simultaneously with other workloads, such as File and Print.
Hosted Cache mode uses the following process to cache and retrieve data:
The Windows 7 client connects to the content server and requests a file in the same way as when files are retrieved without BranchCache.
The content server authorizes and authenticates the client. If the process of authentication and authorization is successful, it returns content metadata over the same channel from which data would have been sent.
The client uses the hashes in the metadata to search for the file. Because this is the first time any client has retrieved the file, it is not already cached on the local network, and the client retrieves the file directly from the content server.
The client establishes a Secure Sockets Layer (SSL) connection with the Hosted Cache server, and also offers the content identifiers over this encrypted channel.
The Hosted Cache server connects to the client and retrieves the set of those blocks that it does not have cached.
When another Windows 7 client requests the same file from the content server, the content server again authorizes the user and sends content identifiers.
The client uses these identifiers for requesting the data from the Hosted Cache server. The Hosted Cache server encrypts the data and then sends it to the client. The data is encrypted with a key that is derived from the hashes sent by the content server with the content metadata.
The client decrypts the data and verifies that it matches the block hashes that the content server provided with the content metadata. This ensures that the content has not been modified.
Distributed Cache Mode:
In this mode, Windows 7 clients retrieve content over the WAN and cache it, then send that content directly to other authorized Windows 7 clients whenever requested. Distributed Cache mode is best for branch offices with fewer than 50 users.
The first client to retrieve content from a content server by using the WAN becomes the source for that content in the branch for other clients requesting the same content. When another client requests the same content, it downloads only the content metadata from the content server and sends a request for the segment hashes on the local network to determine if some other client already has the cached data. Then the second client retrieves the content locally from the client that has the content data.
This process is similar to the process used by the Hosted Cache mode, but the requests for cached content are sent to the local network and a Hosted Cache server is not required.
Distributed Cache mode uses the following process to cache and retrieve data:
The Windows 7 client connects to the content server and requests a file in the same way as when files are retrieved without BranchCache.
The content server authorizes and authenticates the client, and the server sends an identifier that the client uses to search for the file on the local network. The first time any client attempts to retrieve the file, it is not cached on the local network, so the client retrieves the file directly from the content server and caches it.
When another client requests the same file from the content server, the content server authenticates and authorizes the user in the same way it would if BranchCache were not being used. If the process of authentication and authorization is successful, it returns content metadata over the same channel that data would normally have been sent.
The other client sends a request on the local network for the required file by using the Web Services Discovery (WS-Discovery) multicast protocol.
The client that cached the file earlier sends the file to the requesting client. The data is encrypted with a key which is derived from the hashes sent by the content server with the content metadata.
The client decrypts the data, computes the hashes on the blocks received from the first client, and verifies that they match the block hashes provided with the content metadata by the content server. This ensures that the content has not been modified.
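The final step of both the Hosted Cache and Distributed Cache procedures above, where a client decrypts a cached block and checks it against the hashes from the content server, can be modelled as follows. This is an added example, not Microsoft's implementation: the block size, the `content_id` and `derive_key` derivations, and the SHA-256 keystream standing in for the real cipher are assumptions made for illustration, and the sample data is constructed.

```python
import hashlib
import hmac

BLOCK_SIZE = 16  # assumed tiny block size so the constructed sample spans several blocks

def make_metadata(data: bytes) -> list:
    """Content server: one SHA-256 hash per block, sent after authorization."""
    return [hashlib.sha256(data[i:i + BLOCK_SIZE]).digest()
            for i in range(0, len(data), BLOCK_SIZE)]

def content_id(block_hash: bytes) -> bytes:
    """Lookup identifier offered to the cache (assumed derivation)."""
    return hmac.new(block_hash, b"id", hashlib.sha256).digest()

def derive_key(block_hash: bytes) -> bytes:
    """Encryption key derived from the server-supplied hash (assumed derivation)."""
    return hmac.new(block_hash, b"key", hashlib.sha256).digest()

def _xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy SHA-256 counter keystream; a stand-in for the real cipher only."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def populate(cache: dict, data: bytes) -> None:
    """First client: store each block it retrieved under its identifier."""
    for n, h in enumerate(make_metadata(data)):
        cache[content_id(h)] = (h, data[n * BLOCK_SIZE:(n + 1) * BLOCK_SIZE])

def serve_block(cache: dict, cid: bytes) -> bytes:
    """Cache holder: encrypt the stored block under the hash-derived key."""
    block_hash, block = cache[cid]
    return _xor_stream(derive_key(block_hash), block)

def fetch_block(cache: dict, block_hash: bytes) -> bytes:
    """Later client: decrypt, re-hash, compare with the content server's hash."""
    block = _xor_stream(derive_key(block_hash),
                        serve_block(cache, content_id(block_hash)))
    if not hmac.compare_digest(hashlib.sha256(block).digest(), block_hash):
        raise ValueError("cached block does not match content server hash")
    return block

if __name__ == "__main__":
    sample = b"constructed sample file contents for the branch office"
    cache = {}
    populate(cache, sample)
    print(b"".join(fetch_block(cache, h) for h in make_metadata(sample)))
```

A block altered in the cache fails the comparison in `fetch_block`, because the hashes it is checked against arrive from the content server rather than from the cache.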
BranchCache improves the performance of applications that use one of the following protocols:
HTTPS and HTTP. The protocols used by Web browsers and many other applications, such as Internet Explorer or Windows Media, among others.
SMB (including signed SMB traffic). The protocol used for shared folders.
BranchCache only retrieves data from a server when the client requests it. As it is a passive cache, it does not increase WAN utilization. BranchCache only caches read requests and does not interfere with a user saving a file.
BranchCache Client Configuration:
On the Windows 7 client you need to configure the GPO by editing the settings in the MMC. Follow these steps to configure BranchCache on a Windows 7 computer:
Click Start, and type Group Policy in the search box then click Edit Group Policy.
Click Administrative Templates in the Computer Configuration section in the left pane.
Click Network, and then click BranchCache.
You can enable various options under BranchCache by double-clicking the option and selecting Enabled.
If you are using Distributed Cache, enable Turn on BranchCache and then turn on Set BranchCache Distributed Cache Mode. If you are using hosted cache mode you will need to enable Turn on BranchCache and enable Set BranchCache Hosted Cache mode. Optionally, you can also set other values using this set of GPOs, like latency values or setting a percentage of your disk space dedicated to this cache. When you use Group Policy or local computer policy settings to enable BranchCache, the correct firewall exceptions are automatically created to allow BranchCache traffic.
Importing the BranchCache Certificate on Client Computers:
You can use the following steps to import the BranchCache certificate into the Trusted Root Certification Authorities certificate store for the local computer on each BranchCache client computer. To perform these steps you should be a member of the Administrators group:
Click Start and in the search box type mmc.
Click File, and then click Add/Remove Snap-in. The Add or Remove Snap-ins dialog box opens. Click Certificates, and then click Add.
In the Certificates snap-in page, click Computer account, and then click Next.
In Select Computer, ensure that Local computer is selected, click Finish and then click OK. The Certificates snap-in is now added to the MMC.
In the MMC, double-click Certificates (Local Computer), and then double-click Trusted Root Certification Authorities.
Click Certificates.
In the Action menu, click All Tasks, and then click Import. The Certificate Import Wizard is opened.
Click Next. In File to import, click Browse. In the Open dialog box, go to the folder location where you saved the BranchCache.cer file. Select the file and then click Open.
On the Certificate Import page, click Next.
In Certificate Store, ensure that Trusted Root Certification Authorities is selected, and then click Next.
Click Finish. An information dialog box opens and displays the message The import was successful. Click OK.
Additional Reading:
For more information on BranchCache, read the following: