'Delivery Optimization' Comes to Windows 10
Microsoft is changing its client update scheme with its first major Windows 10 update.
This Windows Update Delivery Optimization feature is a peer-to-peer client update service that's part of Microsoft's somewhat elusive Windows Update for Business technologies. Windows Update for Business is a bunch of scattered technologies that aim to make things easier for organizations coming to grips with Microsoft's service-enabled Windows 10, with its various "branches" to track. Microsoft has put Windows Update for Business technologies into its System Center Configuration Manager, Windows Intune and Windows Server Update Services management tools.
Windows Update Delivery Optimization
The Delivery Optimization service is designed to reduce network traffic by pulling update bits from Microsoft's datacenters, as well as from PCs. It pulls from both sources. The PCs used for this bit-sharing approach can be local ones inside an organization, or they can be located outside an organization.
It seems that Windows 10 version 1607 will start enabling this behavior. Here's how Michael Niehaus, a Microsoft senior product marketing manager for Windows, described the Delivery Optimization service, per a blog post this week:
For those of you who have started deploying Windows 10 1607, you might notice a change in the behavior of the Windows Update agent for PCs that are configured to pull updates from WSUS. Instead of pulling the updates from WSUS, PCs may start grabbing them from peers on your network, leveraging the Delivery Optimization service for referrals to other PCs that have already obtained the content.
This service, like all Windows Update for Business services, is available for Windows 10 Pro, Enterprise and Education editions, according to Microsoft's edition comparison table (PDF). The Delivery Optimization service is specifically turned on by default for the Enterprise and Education editions of Windows 10, according to a recently updated TechNet "Setup and Deployment" article. However, it uses local PCs by default to grab the bits. Here's the article's description:
Delivery Optimization is turned on by default for the Enterprise and Education editions of Windows 10, where the default option is that updates will only be pulled and shared from PCs on your LAN and not the Internet.
It's possible to configure the Delivery Optimization service to get its bits from PCs outside an organization's network. Microsoft contends that's a secure option in its Delivery Optimization FAQ, explaining that "Delivery Optimization can't be used to download or send personal content."
The Bypass Policy Setting
Niehaus indicated that a new Group Policy setting is available to disable the Delivery Optimization service, if wanted. IT pros can specify a new "Bypass" mode.
An organization may want to bypass the Delivery Optimization service because they are already using Microsoft's BranchCache service for peer-to-peer updating, which uses Microsoft's Background Intelligent Transfer Service (BITS) technology, Niehaus explained. To use the new Bypass mode, organizations need to have the latest Administrative Template (.ADMX) files for Windows 10 version 1607 and Windows Server 2016, which can be downloaded here.
"The 'Bypass' setting wasn't available in previous versions" of the template files, Niehaus explained.
Defer and Pause Options
Organizations can use Group Policy or mobile device management solutions to defer Windows 10 updates for up to eight months when following the "current branch for business" update schedule. The idea is to triage PCs for testing purposes before rolling out the updates more broadly. However, there's also a "Pause" option, which may be a new capability in Windows Update for Business.
The Pause capability is a per-machine Windows 10 update option to buy more time than the deferral process allows. It wards off upgrades for 35 days. Here's how Microsoft's TechNet "Setup and Deployment" article described Pause:
Although administrators can use deferral periods to stagger the rate at which deployments go out to their organization (which provides time to verify quality and address any issues), there may be cases where additional time is needed before an update is set to deploy to a machine, or group of machines. Windows Update for Business provides a means for administrators to pause updates and upgrades on a per-machine basis. This pause functionality ensures that no updates or upgrades will be made available for the specified machine; the machine will remain in this state until the machine is specifically "unpaused," or when a period of five weeks (35 days) has passed, at which point updates are auto-resumed.
Windows 10 version 1607 has already arrived, but not for everyone. Microsoft released it on Aug. 2, but organizations using System Center Configuration Manager or Windows Service Update Services will see the bits arrive on Aug. 16.
In addition, users of the "long-term servicing branch" update track will be able to get the Windows 10 anniversary update on Oct. 1, Microsoft has explained.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.