For those of you still having machines in an office type setup, you can reduce the load on your Internet link, and speed up downloads from Microsoft Intune quite a bit, by creating a device configuration profile with settings for Delivery Optimization (DO). We recommend using the Settings Catalog for this since the "classic" template does not have all settings at the moment.
For this post we prepared 18 Win32 apps in Intune of different sizes, ranging from 2MB up to 5GB, single files, multiple files, and deployed them to five machines in the same location. We then wrote down the deployment times and reviewed the network traffic. For the various tests we used a shared Internet connection of 100 mbit/s.
Prior to packaging the Win32 apps using the content prep tool the data source folder was 10.7 GB, and afterwards the combined size of the 18 compressed .intunewin files was 10.4 GB. So pretty much the same which was expected since it was mostly installers, MSI files etc. that were already compressed.
# Test 1, Delivery Optimization configured for no P2P and Win32 apps set for Background download (not configured)
While not being a recommended practice, we thought it was valuable to get some metrics when deploying Win32 apps from Microsoft Intune to machines that were configured to not use any P2P at all. This is done by settings the DO download mode to HTTP Only (0). This setting disables P2P caching but still allows DO to download content from Microsoft. We also left the Win32 app assignments in their default Deliver Optimization setting, which is "not configured", meaning background download.
Deploying our 18 test applications to the five test devices using these settings took 124 minutes, and since there was no P2P, a good 50 GB was downloaded through the firewall.
# Test 2, Delivery Optimization configured for no P2P and Win32 apps set for Foreground download
As a variant of Test 1, we wanted to do a new run, but this time with the assignments Delivery Optimization setting configured for Foreground download. Deploying our 18 test applications to the five test devices, with this change, took 61 minutes, and once again, since there was no P2P, a good 50 GB was downloaded through the firewall.
# Test 3, Delivery Optimization configured for P2P with default settings and Win32 apps set for Foreground download
For this we test reverted our clients to the default Windows 10 and Windows 11 DO settings, meaning P2P is enabled, but no other optimizations. Deploying our 18 test applications to the five test devices, with this change, took 32 minutes. The downloaded data over the firewall was about 30 GB, and DO reported a P2P efficiency for about 30 percent.
# Test 4, Delivery Optimization configured for P2P with recommended settings and Win32 apps set for Foreground download
For this we test we applied our recommended our clients to the default Windows 10 and Windows 11 DO settings, meaning P2P is enabled, but no other optimizations. Deploying our 18 test applications to the five test devices, with this change, took 30 minutes. The downloaded data over the firewall was about 15 GB, and DO reported a P2P efficiency for about 65 percent. More than twice as effective as when using the default DO settings.
Recommended Production DO Settings for Microsoft Intune
Below you find our recommended DO starter settings for Microsoft Intune:
- DO Absolute Max Cache Size: 30
- DO Allow VPN Peer Caching: Block
- DO Delay Background Download From Http: 600
- DO Delay Foreground Download From Http: 60
- DO Download Mode: Either HTTP blended with peering behind the same NAT and DO Restrict Peer Selection By Subnet mask, or by Group Mode and a Group ID.
- DO Max Cache Age: 0
- DO Min Background Qos: 64 (On 20 mbit/s Internet speed, set to 24. On 100 mbit/s Internet speed or higher, set to 64)
- DO Min Battery Percentage Allowed To Upload: 40
- DO Min File Size To Cache: 1
- DO Min RAM Allowed To Peer: 2
- DO Monthly Upload Data Cap: 0
- DO Restrict Peer Selection By: Subnet mask (see note below)
Note: The Local peer discovery (DNS-SD) setting, which is very useful to reduce the number of connections to Microsoft servers seems a bit broken in Intune.
By Rita
By Phil
By Andreas
By Andreas
Doris The Bot..