Building an efficient Branch Infrastructure using Windows Server
Session Objectives And Takeaways
Session Objectives:
• Identify branch office challenges and opportunities
• Identify new WS08 and Windows Server 2008 R2 features and capabilities benefiting branch office environments
Key Takeaways:
• Understand how Windows Server meets the challenge of branch office scenarios
• Map WS08 technologies to branch office solutions
Session Overview
• Microsoft in the Branch Office
• Improving WAN efficiency
  • Next Generation TCP/IP Stack
  • SMB 2.0
  • File System improvements
  • Transparent Caching for SMB
  • Offline Files
  • DFS – Read Only Replica
  • BranchCache™
• Differentiating Servers in Branch offices
  • Server Core
  • Active Directory Domain Services – RoDC
• Partnerships to Offer Windows Services in the Context of WAN Optimization
NEW in WS08 R2
Microsoft in the Branch
• Home to 20% of Windows Servers
• Most servers used as application servers or to provide infrastructure services
[Pie chart: Infrastructure 44%; Business Applications 50%; Email and Collaboration 4%; Others 2%]
Source: Internal Microsoft Research 2007
Branch Office Deployment Topologies
• + Highly resilient
• + High Performance
• - Costs
• - Complex

• + Ease of Deployment
• + Simplicity
• - Performance
• - Single Point of Failure
Why WAN requires special handling
• LAN latency < 1 ms
• WAN latency > 100 ms
• Latency on WAN links
  • Delays connection setup
  • Delays data transfer
  • Degrades end user experience
• Protocols can only receive limited data based on buffer size
Microsoft's Commitment
Innovate in the Windows Server platform to add features that make it even more suitable for branch deployments
Partnerships to offer Windows services in the context of WAN Optimization Controllers
Improve end user experience through improvements to the underlying protocols
Network Performance Factors
[Diagram labels: Sender Application, Sender's Networking Stack, Network, Receiver's Networking Stack, Receiver Application]
• Make the protocol aware of the varying network conditions
• Reduce the number of round trips the protocol makes
• Reduce WAN utilization
Automatically Tune the Network Stack
Optimized performance without loss
• Intelligent, automated tuning of TCP receive window size
• Better packet loss resiliency (e.g., wireless connectivity)
• Advanced congestion control for better throughput (CTCP)
Automatically adjusts for maximum efficiency
• Faster network transfers, especially across WAN links
• Optimized use of available network bandwidth
• Reduced packet loss resulting in fewer retransmits
TCP Receive Window Size
Windows XP & Windows Server 2003
• Default TCP window size of 64 KB, no auto-tuning
• Severely limits round trip times
• Sender transmits are limited to advertised receive window size
• Window size backs off by 50% with packet loss
• Window size increased slightly with every ACK
• Manual tuning of receive window size does not offer ideal results
Windows Vista/Win7 and Windows Server 2008 and R2
• Auto-tune enabled by default
• Max receive window determined by:
  • Application consumption capacity
  • Network capacity and conditions
Redesigned TCP/IP Stack
• Dual-IP layer architecture for native IPv4 and IPv6 support
• Seamless security through expanded IPsec integration
• Improved performance via hardware acceleration
• Network auto-tuning and optimization algorithms
• Greater extensibility and reliability through rich APIs
[Architecture diagram: Next Generation TCP/IP Stack (tcpip.sys). User mode: Winsock. Kernel mode: AFD, TDX, TDI, WSK, WSK Clients, TDI Clients; TCP, UDP, RAW; IPv4, IPv6; 802.3, WLAN, Loop-back, IPv4 Tunnel, IPv6 Tunnel; NDIS; Windows Filtering Platform API]
Server Message Block 2.0
• Multiple commands in a single packet
  • Reduced wait time and connection overhead
• Much larger buffer size
  • Network stack is no longer the bottleneck
  • Application & disk are now the bottleneck
• Parallel Write, Parallel Response
• Durable handles allow recovery from brief network disruptions
• Symlink support
File Shares – Streaming Improvement
• Parallel requests greatly increase read/write speed
[Chart: Download speed (kb/sec), 100 ms RTT, for a 16 MB file and a 1 GB file; series: XP-SMB1, Vista-SMB1, Vista-SMB2; data labels: 309, 312, 703, 2247, 2203, 9383]
[Diagram: Request/Response pattern, SMB1 vs SMB2]
File Copy Comparison
[Charts: Time to Completion (seconds) and Throughput (Mbps) for WS08/Vista, WS08/XP, WS03/Vista and WS03/XP; 10 MB file over 10 Mbps (50 ms) link]
Source: The Tolly Group, Inc. (2007)
Enhancing the Offline Files experience
Anjli Chaudhry
Program Manager – Offline Files
Microsoft Corporation
Building on Vista SP1 Offline Files
Provides seamless access to network files on File shares whether client is offline or online
Common deployment scenarios:
• Folder Redirection
  • Redirection of “known” client folders (e.g. ‘Documents’)
• Cached Drives (e.g. H:\ mapped to SMB share)
• User pinning of remote shares or specific files
• Publication content for use in branch offices
Offline Files – "Usually Offline" Support
Situation Today
• Folder redirection is a success with online & offline modes in Windows Vista
• Not transparent to users who are on a high latency network with low throughput
Windows 7 Solution
• Full 2-way background synchronization at fixed intervals
• Synchronization transparent to the end user
• IT admin can configure synchronization intervals
Benefits
• Seamless experience for end-users
• Corporate data is in sync
• Optimizes the network usage for remote workers & branch offices
Transparent Caching
Situation Today
• Read response times for files that were just opened are too long
• Opening a file that was just recently read takes just as long as opening a file for the first time
• Bandwidth consumption is high regardless of how recently a file was opened
Windows 7 Solution
• Files accessed on SMB shares are automatically cached to disk
• Subsequent reads of the file are satisfied from the local cache
• Caching policy configurable through Group Policy
• Transparent to the end user
Benefits
• Optimize bandwidth consumption on WAN links
• Provide near local read response times for end users working over WAN links
Branch Office File Copy
[Diagram, "Today": Vista SP1 clients (Client 1, Client 2) and Windows Server 2008 across a slow WAN link]
[Diagram, "Windows 7/Server 2008R2": Windows 7 clients (Client 1, Client 2) and Windows Server 2008 R2 across a slow WAN link]
Introducing BranchCache™ (New in Win7 and WS08R2)
• Reduce network utilization
• Improve end user experience
• Preserve end-to-end encryption
• Simple to deploy and manage
BranchCache™ - Distributed Cache
[Diagram: message flow with arrows labelled Get, ID, Get, Data]
BranchCache™ - Hosted Cache
[Diagram: message flow with arrows labelled Get, ID, Put, Data, Search, Request, Advertise]
• Cache in the branch that is always available
• Installable on an existing WS08R2 server
• Works across IP subnets
Deployment
• IIS / File Server: Install the optional “Windows Branch Cache” component on a Windows 7 web or file server
• Group Policy Management: Use Group Policy to enable Windows Branch Cache on Windows 7 clients
• Hosted Cache: Optionally, install a hosted cache in your branch. Configure clients to use it with Group Policy
Framework
[Diagram labels: Windows BranchCache; HTTP (WebIO/http.sys); SMB (CSC/SRV); BITS; IE; WMP; SharePoint; Explorer; Office; SCCM; WSUS; XCOPY/Robocopy; 3rd Party Applications]
Distributed File System – Replication
File Replication engine – successor to NT FRS.
Scalable
• Scales to Terabytes of data and millions of files.
• Hundreds of members/replication group, flexible topology.
• Hundreds of replication groups and folders/replication group.
Reliable
• No data loss or directory morphs
• Multi-master with ‘last writer wins’ conflict resolution
Efficient
• Uses Remote Differential Compression (RDC) to significantly reduce bandwidth consumption.
• WAN friendly.
“Just works”
• Easy to configure, low touch
• Focus on in-box management tools and ship with MOM MP
• Auto-recovers from most conditions (e.g. journal wrap or loss, database corruption)
Microsoft Confidential
DFS Scenario: Publishing
[Diagram: DFS Namespace with DFS Replication between Seattle, Audrey (Singapore) and Jennifer (London)]
Remote Differential Compression
Original file (receiving partner), chunk signatures MD4_11 … MD4_14:
  The quick fox jumped
  over the lazy brown dog.
  The dog was so lazy that he didn’t notice
  the fox jumping over him.
Updated file (sending partner), chunk signatures MD4_21 … MD4_25:
  The quick fox jumped
  over the lazy brown dog.
  The brown dog was
  so lazy that he didn’t notice
  the fox jumping over him.
Exchange between Receiving Partner and Sending Partner:
• Receiving partner: Request file
• Sending partner: MD4_21 … MD4_25 [use recursion]
• Receiving partner: copy the unchanged chunks from the original file; Fetch new chunks 3, 4 (“The brown dog was”, “so lazy that he …”)
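The exchange on this slide, worked through as an added example (not code from the presentation or from DFS Replication). It assumes one chunk per line, as the slide draws it, uses SHA-256 in place of the MD4 signatures, and leaves out the recursion step; the names `SendingPartner` and `receive` are hypothetical.

```python
import hashlib

def chunks(data: bytes) -> list[bytes]:
    # Assumption: one chunk per line, matching the slide's picture.
    return data.splitlines(keepends=True)

def sig(chunk: bytes) -> str:
    # SHA-256 stands in for the MD4 chunk signatures shown on the slide.
    return hashlib.sha256(chunk).hexdigest()

class SendingPartner:
    """Holds the updated file and counts the chunk bytes it has to send."""
    def __init__(self, data: bytes):
        self._chunks = chunks(data)
        self.bytes_sent = 0

    def signatures(self) -> list[str]:
        return [sig(c) for c in self._chunks]

    def file_digest(self) -> str:
        return hashlib.sha256(b"".join(self._chunks)).hexdigest()

    def fetch(self, index: int) -> bytes:
        self.bytes_sent += len(self._chunks[index])
        return self._chunks[index]

def receive(old: bytes, sender: SendingPartner):
    """Rebuild the sender's file; return (data, 1-based numbers of fetched chunks)."""
    local = {sig(c): c for c in chunks(old)}   # chunks already held locally
    rebuilt, fetched = [], []
    for i, s in enumerate(sender.signatures()):
        if s in local:                          # matched by content, not position
            rebuilt.append(local[s])
            continue
        chunk = sender.fetch(i)
        if sig(chunk) != s:                     # reject a chunk that fails its signature
            raise ValueError(f"chunk {i + 1} does not match its signature")
        rebuilt.append(chunk)
        fetched.append(i + 1)
    data = b"".join(rebuilt)
    if hashlib.sha256(data).hexdigest() != sender.file_digest():
        raise ValueError("rebuilt file does not match the sender's digest")
    return data, fetched

# The slide's two file versions, typed in as sample input.
ORIGINAL = (b"The quick fox jumped\nover the lazy brown dog.\n"
            b"The dog was so lazy that he didn't notice\nthe fox jumping over him.\n")
UPDATED = (b"The quick fox jumped\nover the lazy brown dog.\nThe brown dog was\n"
           b"so lazy that he didn't notice\nthe fox jumping over him.\n")
```

Calling `receive(ORIGINAL, SendingPartner(UPDATED))` fetches only chunks 3 and 4; the last line is reused from the original even though it moved from position 4 to position 5.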
Why Read-only Replicated folders?
Introducing ReadOnly DFS Replica (New in Win7 and WS08R2)
• Publication data that should never be changed at branch locations
• Any open or create requesting WRITE access will be failed by a new filter driver
• In case the filter is not running, other Win7 Replication Group members will refuse updates from a read-only replication partner
End-user experience
Server Core in the Branch
Fewer moving parts
• Reduced servicing
• Reduced attack surface
Designed for Specific Roles
• Reduced management overhead
• Improved availability
Smaller System Footprint
• Less Memory (184 MB idle vs. 309 MB)*
• Less Disk (1.6 GB vs. 7.6 GB)*
*Not recommended minimums
What is Server Core?
Server Core is a minimal Windows Server 2008 installation option.
• GUI? – Gone (mostly).
• Windows Explorer? – Gone.
• Internet Explorer & Media Player? – Gone.
• .Net Framework? – Gone.
• MMC? – Gone too.
Designed to support very specific workloads.
What can I do with Server Core?
• Active Directory Domain Services - ADDS
• AD LDS (aka, ADAM)
• Domain Name System Server - DNS
• DHCP Server
• File Services
• Internet Information Services (IIS7)
• Print Server
• Windows Media Services
• Hyper-V
• .NET Support
NEW in WS08 R2
Read Only Domain Controller
Reduces risk when deploying DC where physical security is not ideal
• Add BitLocker™ for additional security
• RODC tools allow targeted response to physical security breach
Reduces replication
• Machine and user secrets are among the most frequent directory services changes.
Citrix Branch Repeater with Windows Server
Stages application content
Accelerates enterprise traffic
Consolidates local branch functions
Cisco WAAS with Virtualization
Windows Server with WAAS
Branch optimized IT services
• Read-only Domain Controller
• Print services
• DNS/DHCP services
Complete WAN optimization + application acceleration
Ability to host Windows services locally
Microsoft Windows Server 2008 Server Core
Jointly developed architecture
Joint customer support
Cisco WAAS with pre-packaged Windows Server 2008 services
Available Now
Related Content
Breakout Sessions/Chalk Talks
• SVR03-IS: Windows Server 2008 in the Branch Office
• CLI204 Windows Client: roadmap and introduction to Windows 7 for enterprise customers
• CLI06-IS Networking for Mobile Workers: from Windows Vista to Windows 7
• CLI10-IS - Branch Office Networking: from Windows Vista to Windows 7
• CLI 303 - Windows Networking: from Windows Vista to Windows 7
Branch Office Solutions Booth (booth 36)
© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.