Microsoft Clarifies Windows 10 'Delivery Optimization'

Microsoft this week shared more details about its new Delivery Optimization update service for Windows 10 clients.

Delivery Optimization is a peer-to-peer client update service that uses PCs, both local PCs and non-local devices via the Internet, to deliver updated Windows 10 bits to an organization's networked PCs. It combines partial bits from PCs with partial bits from Microsoft's datacenters to update a computing environment. The idea is to reduce bandwidth issues during the update process. Updates are greatly sped up with Windows 10, as Microsoft now sometimes changes client operating system features on a monthly basis.

Microsoft unveiled the Delivery Optimization service last week as a feature that got initiated with Windows 10 version 1607 (the "anniversary update"), which was released on Aug. 2. However, the Delivery Optimization service also works with Windows 10 version 1511, although there are a few nuances. The details were explained by Michael Niehaus, a Microsoft senior product marketing manager for Windows, in a new announcement Tuesday.

The Delivery Optimization service will only initiate peer-to-peer sharing when Microsoft is delivering its "larger updates like feature updates and cumulative updates," Niehaus clarified. Possibly, he is referring to Microsoft's original summer/fall major release-cycle scheme for Windows 10. For instance, Microsoft's Windows 10 versions 1507 and 1511 last year might be considered to be major operating system feature update releases, along with this year's anniversary update. Technically speaking, though, Microsoft releases feature updates and cumulative updates for Windows 10 every month.

It's also possible to completely turn off the Delivery Optimization service using Group Policy by selecting the "None" option. A Microsoft TechNet article lists the Group Policy options as follows:

  • None. Turns off Delivery Optimization.
  • Group. Gets or sends updates and apps to PCs on the same local network domain.
  • Internet. Gets or sends updates and apps to PCs on the Internet.
  • LAN. Gets or sends updates and apps to PCs on the same NAT only.
  • Simple. Simple download mode with no peering.
  • Bypass. Use BITS instead of Windows Update Delivery Optimization.

Niehaus explained that the "Simple" mode might be used "for 'closed' networks where PCs wouldn't be able to get to the Delivery Optimization service on the internet."

The "Bypass" option might be used by organizations using Microsoft's BranchCache service (instead of Delivery Optimization) to keep PCs up to date. However, Windows 10 version 1511 lacks Bypass mode support. Niehaus offered a suggestion for organizations using that version.

"Since Windows 10 1511 doesn't have a Bypass mode, you can use 'HTTP only' mode 0 to skip Delivery Optimization peer checks on closed networks," he explained.

Delivery Optimization uses a "LAN" download mode by default. PCs with the same IP address are considered to be peers under the LAN approach. However, organizations can specify which PCs should be considered peers by the Delivery Optimization service by specifying the "Group" mode. There's a nuance between the two Windows 10 versions, though, when using Group. Niehaus explained it in this way:

With Windows 10 1511, groupings are based on the AD domain and an optional group ID that you can set via policy. With Windows 10 1607, the groups are based on AD domain and AD site, and can also add in an optional group ID.

Organizations might want to use Group if they are spread out geographically. Group can be used to make the peer-to-peer sharing happen with local machines, Niehaus explained.

However, Niehaus recommended using the "Group ID" mode if an organization's Active Directory sites aren't defined according to a physical location or if an organization is using Windows 10 version 1511. That nuance wasn't mentioned in Microsoft's TechNet article.

Even though there are Group Policy options available to control the Delivery Optimization service, Microsoft contends that tapping other PCs outside a local network for Windows 10 updating purposes isn't a security risk.

"Delivery Optimization can't be used to download or send personal content," a Delivery Optimization FAQ claimed.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


  • Microsoft Commercially Releases Entra Workload Identities

    Microsoft announced on Monday that its Entra Workload Identities service is now available as a commercial product offering, having reached the "general availability" stage.

  • The 2022 Microsoft Product Roadmap

    Microsoft has a lot in the docket for 2022, including new products like SQL Server 2022, Exchange Subscription Edition and Visual Studio 2022 for Mac.

  • OpenSSF Adopts Microsoft Open Source Software Security Guidelines

    The Open Source Security Foundation (OpenSSF) announced on Wednesday that it has adopted the Secure Supply Chain Consumption Framework (S2C2F) for ensuring the secure use of open source software (OSS) by developers.

  • Microsoft Releases PowerShell 7.3

    PowerShell 7.3 is now at the "general availability" (GA) commercial-release stage.