VPN Bandwidth Control via BITs Throttling for SCCM DP | Client

A hot topic within many organizations is how to control the VPN bandwidth without changing anything drastically (split tunneling?). Many IT Pros and SCCM admins suggested including BITs Throttling for SCCM DP options into the list as an easy win!.

Related PostUse Existing SCCM Config to Help to Reduce VPN Bandwidth | ConfigMgr


Let’s see an existing SCCM (A.K.A Configuration Manager) configuration to help to cater to remote work scenarios and reduce VPN bandwidth. There are some great posts available in the community and from Microsoft to cater the situations. But, in this post, I shall concentrate on BITs Throttling for SCCM DP.

Patch My PC

You can refer to the post from Rob York on 1. Managing remote machines with cloud management gateway in Microsoft Endpoint Configuration Manager2.Managing Patch Tuesday with Configuration Manager in a remote work world“.

Post from Jonas, Roland, and Stefan. ✔ Mastering Configuration Manager Bandwidth limitations for VPN connected Clients

BITs Throttling for SCCM DP

You can use the old school but a very effective method to control VPN tunnel traffic with BITs throttling options in the SCCM world! There are two sides to the BITs throttling, isn’t it?

1E Nomad

You can implement the BITs control at the Windows 10 client end as well as at the server end. Let’s see what are the options.

NOTE! – BITs throttling control at the client end might impact other applications as well.

Server Side

Let’s do this for the site servers causing load on the VPN as a test scenario.

What do you think SCCM DP is a good starting point for the same? I have related posts about IIS settings for WSUS and SUP. But, in this scenario, we are talking about SCCM DP IIS throttling. You can apply the same process for MP and SUP as well. What do you think?

  • Login to Remote Site System or Site Server of SCCM where DP role is installed
  • Launch IIS
  • Select Default Web Site >> Advanced Settings
  • Under Advanced Setting window – Check the default value for Maximum Bandwidth (Bytes) settings
  • The default setting is on my lab server 4294967295 bytes = ~4.3 GB
  • Try to change the setting accordingly as per your requirements
BITs Throttling for SCCM DP - IIS Configuration
BITs Throttling for SCCM DP – IIS Configuration – ConfigMgr

Windows 10 Client Side BITs Throttling

You can apply group policy referred below to have this client-related policy. Or you can use the Windows CSP method to control the BITs traffic coming out from the Windows 10 devices.

SCCM Client Settings for BITs

BITs settings via Client Settings
BITs settings via Client Settings

Group Policy Settings are given below:

  1. Open Group Policy by entering gpedit.msc
  2. BITS policies are located under Computer ConfigurationAdministrative TemplatesNetworkBackground Intelligent Transfer Service.
  3. Right-click the policy Limit the maximum network bandwidth for BITS background transfers and edit.
  4. Select the ENABLE button to set up the BITs throttling from Windows 10 client-side.
    • Change the settings as per your requirements. The following are the default settings.
  5. Restart the BITs services to apply this setting.
Windows 10 Client Side BITs Throttling - BITs Throttling for SCCM DP - ConfigMgr
Windows 10 Client Side BITs Throttling – BITs Throttling for SCCM DP – ConfigMgr

Let’s check BITs Throttling for SCCM DP policy (Limit the maximum network bandwidth for BITS background transfers) description below (not specifically for DP traffic but applicable for all the traffic).

This policy setting limits the network bandwidth that Background Intelligent Transfer Service (BITS) uses for background transfers. (This policy setting does not affect foreground transfers.)

You can specify a limit to use during a specific time interval and at all other times. For example, limit the use of network bandwidth to 10 Kbps from 8:00 A.M. to 5:00 P.M., and use all available unused bandwidth the rest of the day's hours. 

If you enable this policy setting, BITS will limit its bandwidth usage to the specified values. You can specify the limit in kilobits per second (Kbps). 

If you specify a value less than 2 kilobits, BITS will continue to use approximately 2 kilobits. To prevent BITS transfers from occurring, specify a limit of 0. 

If you disable or do not configure this policy setting, BITS uses all available unused bandwidth. Note: You should base the limit on the speed of the network link, not the computer's network interface card (NIC). 

This policy setting does not affect Peercaching transfers between peer computers (it does affect transfers from the origin server); the "Limit the maximum network bandwidth used for Peercaching" policy setting should be used for that purpose. 

Consider using this setting to prevent BITS transfers from competing for network bandwidth when the client computer has a fast network card (10Mbs), but is connected to the network via a slow link (56Kbs).