WSUS v.s. Branch Cache for Updates

Hello EE,

Currently we have a WSUS server for deploying Microsoft updates.  Corporate is wanting to migrate to using branch cache at our facility saying the first update would come from their server and subsequent updates from the local branch cache.  I am used to administering WSUS so want to know pros/cons of moving to Branch Cache when corporate is in another country.
operationsITAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
I dont like Branch Cache personally having just undergone the 2012 exam which I have learned alot from it including setting it up in labs etc.

To put my feeling on it into a short statement I would say that I will be leaving Branch Cache until 2015 Server at the earliest due to it being a new MS product and id only then expect a lot of the bugs and inadequacies to be ironed it.

This especially rings true for a big company operating overseas. I would stick to a policy of WSUS and SCCM(for urgent only deployments) if you have these options available at present.

The biggest issue with Branch Cache is the overhead on administration for what is a brand new system that nobody even knows if it will be around in 4 years time. Way to early for a big company to implement especially if you have a perfectly working infrastructure right now.
Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerCommented:
You are looking at it a bit incorrectly I think; it's not an either or.

Maybe I'm mis-reading your question a bit, but you'll still be running WSUS.  All branch cache does is store files locally on a server or client so they don't need to be fetched over a WAN link.

And this is not a new product.  It was introduced with Windows 7 and Windows Server 2008 R2.  It's five or six years old at this point.

As has been said though, it does require admin effort.

There quite a bit of information on it here:

https://technet.microsoft.com/en-us/library/dd425028.aspx

Jim.
Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
True regarding 2008. ;). an oversight. Im not sure its 5 years old though tbh!

It really is hard for me to imagine a scenario where Branch Cache is actually beneficial honestly. Even in a large file sharing company I just cannot see any relevant use for it.
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerCommented:
<<True regarding 2008. ;). an oversight. Im not sure its 5 years old though tbh! >>

 I just checked; released 2009...time marches on<g>.

<<It really is hard for me to imagine a scenario where Branch Cache is actually beneficial honestly.>>

 Probably not as worthwhile as it once was as internet connectivity has improved.  But still even today, it's common practice to copy files out to a remote site on one station, then copy/install to the rest from there.  

 Branch cache makes that automatic, but it does need to be managed.  Guess it depends if working that way will be the "norm" or a one time deal.  Also the requirements are high.   It was only Windows 7 ultimate that had it I believe and only a few of the high end server OS's.   I'm sure all the details are in the link I posted.

I think though if it were me, I'd just put in a down stream WSUS server.   But without knowing the details, Branch cache may be a lot more flexible for the situation despite the overhead.

Jim.
operationsITAuthor Commented:
Hello,

The scenario is we currently have a downstream WSUS server where in the branch (corporate to North America) can administer updates on the server.  Corporate is recommending branch cache as a way to improve updates and I am having a hard time seeing that as it will only take away our ability in the branch to administer updates, thus requiring us to go overseas to corporate and with the time difference work out any issues.  Trying to determine true benefits if any to go branchcache?  Pros of staying downstream
Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerCommented:
I would agree...I don't see any advantage in regards to updates.

 A downstream server is already acting as a cache.  Branch cache may have some optimizations that WSUS does not, but unless the connection is under a lot of pressure, I don't see where that would be a big deal.

 Outside of updates, Branch cache would give you more because it works with any files you want, not just with update files.

 But if their looking to improve updates alone, I don't see that either.

  I guess the question is, what's the real problem their trying to solve?

Jim.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Nagendra Pratap SinghDesktop Applications SpecialistCommented:
WSUS is a method to control what machine gets what.
Branchcache is a p2p content sharing system. In a ultra-high speed network, BranchCache will not be needed but WSUS will be.
operationsITAuthor Commented:
Hello Jim,

They are trying to take ability to administer updates away from our branch by saying it would improve updates (removing our downstream WSUS), but I only see not having the ability to effectively support local users from the local branch inefficient and ineffective given corporate is 6 hours away.
Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerCommented:
<<They are trying to take ability to administer updates away from our branch >>

 um, but if your on a downstream WSUS server already, their already controlling your updates.

Jim.
Nagendra Pratap SinghDesktop Applications SpecialistCommented:
Why should every branch have its own list of patch approvals?
operationsITAuthor Commented:
Can we not approve patches on the downstream server?  If not, what advantage would moving us to BranchCache for updates offer over what we are running now?

@Nagendra, not all branches have their own list of patch approvals, only our location as we are corporate for North America, but our branches do not.
Jim Dettman (Microsoft MVP/ EE MVE)President / OwnerCommented:
<<Can we not approve patches on the downstream server?  >>

 Yes, but your only seeing the patches they let you see unless I'm remembering that wrong.  So their already in semi-control of the patch process.

 You get to approve patches listed and control groups, but that's only on what the upstream server has.

Jim.
operationsITAuthor Commented:
Thanks for all the information
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Operating Systems

From novice to tech pro — start learning today.