Best practices for optimizing bandwidth for remote work models

Use different replication policies for multiple remote offices

When you manage remote offices using the distribution server (DS), establishing a replication policy helps define parameters for data replication between Endpoint Central server and multiple distribution servers. This ensures the bandwidth utilization is optimized, and doesn't hamper operations.

Each replication policy lets you define the following:

  • Replication interval: The interval at which the DS can contact Endpoint Central server
  • Data transfer rate: The rate at which data should be replicated from Endpoint Central server to the DS
  • Scheduler: The interval of time, or window, for replication of patch and software binaries from Endpoint Central server to the DS

Associating a different replication policy for each remote office is highly recommended to help reduce the load on Endpoint Central server and distribute the available bandwidth evenly.

Configure a deployment policy for each remote office

Every time you deploy a patch, software, and configuration, several deployment parameters, such as the installation window of the binaries and user behavior with the deployment process, come into play.

Each deployment policy lets you define the following:

  • Deployment schedule
  • Predeployment settings
  • User notification
  • Reboot policy

You can create a deployment policy that’s specific to the work-from-home (WFH) conditions currently and set this policy as the default one. You can always dissociate the WFH policy and associate the normal policy, once the pandemic ceases to exist.

Deployment schedule

You can select the deployment schedule that works best for your organization. Learn more about deployment policies and specifying a deployment schedule here.

  • Choose the week split that you prefer, either the regular split on the split that’s based on Patch Tuesday releases.
  • Define the deployment window.
  • Choose the point at which the deployment will be initiated, either at system startup or during the refresh cycle.

Predeployment settings

  • You can wake computers before the deployment. This is handy when your deployment window is slotted during non-business hours.
  • Instead of downloading the patch or the software package during the deployment window, it is recommended that these be downloaded prior to the deployment window.

User notification

  • Notify users prior to the deployment, and give them the leeway to skip the deployment.
  • You can force the deployment after a stipulated length of time if the user continues to skip the deployment.
  • You can empower the users with deployment at their disposal, which implies that users can initiate the deployment during non-business hours, from the agent tray icon.

Reboot policy

  • The deployment of a few patches or software packages, might require a system reboot.
  • Define and schedule the policy for reboot or shutdown.

After defining different deployment policies, you can associate each policy with a specific remote office. This way, you can ensure that there are no bandwidth bottleneck issues. Having a distinct WFH deployment policy for each remote office makes your job a lot easier.

EXAMPLES

Let us consider a scenario wherein patches need to be deployed to two different remote offices.

Replication policy

Parameter Remote office 1 Remote office 2
Number of endpoints 100 200
Data transfer rate 5120 KBPS 7168 KBPS
Replication interval 5 minutes 10 minutes
Replication days All days All days
Replication window 06:00 to 17:59 18:00 to 05:59

It is highly recommended to associate different replication policies for different remote offices to avoid bandwidth bottlenecks issues and reduce the load on Endpoint Central server.

Deployment policy

Parameter Remote office 1 Remote office 2
Number of endpoints 100 200
Preferred week split Regular week split Patch Tuesday week split
Preferred week and day First and third week Patch Tuesday week and second week after Patch Tuesday
Deployment window 00:00 to 23:59 00:00 to 23:59
Number of skippable days after which the deployment needs to be enforced 3 2

It is recommended to keep the deployment window open to empower the users to initiate the deployment whenever feasible.

Reboot/shutdown policy

Parameter Remote office 1 Remote office 2
Number of endpoints 100 200
Reboot/shutdown method Force reboot, but specify the reboot time Postpone shutdown
Reboot/shutdown window All days from 21:00 to 05:00 Postpone interval will be 2 hours
  • If the machine misses the reboot, you can choose to immediately reboot the system as soon as it’s active. For a shutdown, the postpone interval can be defined by the end user.
  • The window for force shutdown can be displayed after a stipulated number of hours (say three hours) from the first shutdown prompt. For example, if the first shutdown prompt is shown at 16:00, depending on the postpone interval, the user can postpone the shutdown. However, the shutdown will be forced at 19:00, and the window can be displayed for 2 minutes before shutting down the machine.