Now Configuration Manager is a complex beast, when designing a ConfigMgr site you have to plan carefully your network because there is going to be a lot of traffic going back and forth from your servers to your clients, and from your servers to your other servers. So you have to take some considerations on how many clients and how many distribution points you are going to have for your site, also depending on what kind of features you are going to use.
Now before we start with the networking part, let’s review the supported configuration and hardware requirements.
25 child primary sites.
250 secondary sites.
10,000 devices running windows embedded
10 Management Points
250 Distribution Point
1 Fallback Status Point
Multiple Application Catalog Website Point
1 Management Point
Fallback Status Point:
Software Update Point:
Application Catalog Website Point:
Application Catalog Web Service Point:
And as you can see this can lead up to a VERY complex setup if you have a large setup. Microsoft has also deployed Configuration Manager on their own computers
And Microsoft also have made a good Hardware Requirement for list.
You can read more about it here –> http://bit.ly/S3fRJB
Clients searches for a management point by using the following options in the order specified:
- Management point (If specified by agent installation)
- Active Directory Domain Services
Now when an agent connects to a MP it makes a list of all the Management Point which is within the Boundary and if the client has PKI certificate installed it makes a priority list over all
MP’s that has HTTPS enabled.
Now let’s start with the client communication to the servers. There are 3 ports that are the common used
Port 443 HTTPS = Used to communicate with a management point over HTTPS
Port 445 SMB = Used to communicate
Port 80 = Used to contact the Fallback status point
New with SP1! Port 10123 = Client Notification, to start or initiate an malware or policy update/scan
Port 9 UDP = Wake on Lan
You can see more about the port requirements for ConfigMgr here –> http://technet.microsoft.com/en-us/library/hh427328.aspx
Now clients connect to a distribution point either via HTTP or HTTPS using BITS. Now in order to limit the usage of network you have to specify a client setting for BITS.
Here we can define the bandwidth usage and throttling time.
You can also specify BITS settings in Group Policy. You need to remember that you have to plan on what features that you are going to use.
If you are using Software Metering, Software Inventory, Baselines & Compliance, Hardware Inventory etc. So there is a lot of feature that can generate a lot of traffic.