BranchOffice Szenarios

406 views

Published on

Was bieten Server 2012 und Windows 8 für Branch-Offices konkret? Wie lassen sich verteilte Szenarien für File-Access oder auch Deployment realisieren? Nach dieser Session kennen Sie die neuen Möglichkeiten und können das Potenzial für Ihr Unternehmen einschätzen.

Published in: Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
406
On SlideShare
0
From Embeds
0
Number of Embeds
12
Actions
Shares
0
Downloads
0
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

BranchOffice Szenarios

  1. 1. Drive your life.Branch Office Scenarios Patrick Sommer Patrick.Sommer@corporatesoftware.ch
  2. 2. URA URAHostedCache Branch OfficeHeadquarters URA Cloud
  3. 3. Unified State Current State Private Cloud/ HQInternet DirectAccess & VPN: Remote access: Connecting remote Connectivity using clients to the hybrid dedicated cloud for infrastructure - Managed - Unmanaged Hoster/ Branch Cross premise Site to Site connectivity: using connectivity Connecting private dedicated and public clouds infrastructure Remote Access Unified Remote Access Site to Site
  4. 4. Contoso Branch Office (10.1.0.0/16)Contoso Corp. HQ(10.0.0.0/16) 10.1.2.0/24 10.1.3.0/24 10.1.3.0/24 S2S LANDirectAccess Hosters network in cloud
  5. 5. PowerShellPS> Add-VpnS2SInterface interfacename destinationip -protocol IKEv2 -Authenticationmethod PSK –SharedSecret “abc” –IPv4Subnet 10.1.1.0/24:10 Easy configuration wizard
  6. 6. DC1App1 2-App1 Corp-Edge Cloud-Edge Client1 Client2
  7. 7. Data ID ID ID Search ID Data ID Data ID
  8. 8. IDDataData ID Data
  9. 9. EnterpriseDistributed Cache Hosted CacheData cached amongst clients Data cached at hosted cache server
  10. 10.  BranchCache accelerates e2e encrypted traffic (TLS/HTTPS, IPsec) Cached data encrypted on disk and in transit between clients Prevents unauthorized access to cached data
  11. 11. BranchCache Security Model Server transmits content information structure to the client only if the client has access. Transfer happens over the accelerated protocol.Server authenticates the clientand performs authorizationchecks. Client downloads encrypted blocks from a peer or the hosted cache and decrypts them with the encryption key. Client uses content information structure to calculate: -segment id (public) Client multicasts the segment id Cached data is stored in -encryption key (private) to find a peer with the data. encrypted.
  12. 12. Identifiers ID1 ID2 ID3 ID4 ID5 ID6 ID7 ID8 ID9Block HashesBlocksMax 128KFingerprintUsed to choose boundariesContent
  13. 13.  Clients use Service Connection Points (SCPs) to discover and connect to hosted cache servers. Hosted cache servers can SCP automatically create SCPs. SCP No site-by-site configuration needed.
  14. 14.  BranchCache cache is encrypted by default. Certificate no longer required on hosted cache server Actually a performance improvement!
  15. 15. Warm Hosted Cache Data can be exported from “warm” hosted cache serversIIS Hosted CacheFile Server Data Packages Data Packages can be imported on New tools let you prehash data on both hosted cache servers and clients file and web servers, and create data packages.
  16. 16.  Hosted cache server can store much more data, increasing bandwidth savings. ESE More efficient architecture based on the Extensible Storage Engine enables a single hosted cache to serve more clients. Multi-TB cache can be spread across disks.
  17. 17.  Clients can be configured to use multiple hosted cache servers in one branch. Existing logic enables retrieval from multiple servers. Uploads done only once. Improves scale and availability without the complexity of clustering.
  18. 18. DC1App1 2-App1 Corp-Edge Cloud-Edge Client1 Client2
  19. 19. Configuring the Configuring the Web Server File Server 1. Install BranchCache for Network1. Install the BranchCache Files role service feature 2. Enable BranchCache on the server 3. Enable BranchCache on file shares Configuring the Hosted Cache Server 1. Add the BranchCache feature to the Windows Server 2012 server 2. Configure BranchCache with a trusted certificate
  20. 20. To enable and configure BranchCache, you need to performthe following steps: 1. Enable BranchCache 2. Enable the Distributed Cache mode or Hosted Cache mode 3. Configure the client firewallYou can modify BranchCache settings and performadditional configuration tasks, such as: • Setting the cache size • Setting the location of the Hosted Cache server • Clearing the cache • Creating and replicating a shared key for using in a server cluster
  21. 21. 3rd Party ApplicationsOffice CopyFile Explorer WMP IE SCCM WSUS 3rd Party Protocols SMB 2 HTTP BITS Intune BranchCache™ Platform
  22. 22.  Printing directly to a print device (instead of server printer queue) Transparent for user Powershell or Print Management Console (per printer) Limitations  Print Queues using printer drivers which support Client Side Rendering (supported since W2K8)  Only Network attached printers  Quota, auditing and detailed job logging are lost
  23. 23. BranchCache Overview- http://technet.microsoft.com/en-us/library/hh831696.aspx http://technet.microsoft.com/en-us/library/jj127252.aspx http://technet.microsoft.com/en-us/library/hh831602.aspx http://technet.microsoft.com/en-us/library/jj134152.aspx http://channel9.msdn.com/events/TechEd/Europe/2012/WSV333
  24. 24. IISFile Server Group Policy Management BitLocker Certificate GPO GPO

×