Workspace ONE UEM partners with Adaptiva to offer an alternative peer distribution system. In the Adaptiva peer distribution system, installation begins with a specific device in the office or subnet called the rendezvous point (RVP). This initial download takes time. However, installation times improve because devices are not taxing the storage system or the line of communication for the application package. Instead, devices receive the package from other devices in the network. The system also monitors the network for traffic. If the network is busy, installations pause until the network availability increases.

Adaptiva Peer Distribution Component Roles

Peer distribution uses two main components: a peer-to-peer server and peer-to-peer clients.

  • Peer-to-peer server
    • This component maintains the metadata of the Win32 applications but not the actual application packages. It also maintains information about clients, client IP addresses, the number of active clients, and the content presently at each client.
    • This component resides in your network and it must communicate with these components.
      • VMware Enterprise Systems Connector
      • SQL Database or SQL Server Express
      • Peer-to-peer clients on devices
    • Download and install the server from the Workspace ONE UEM console before you configure the peer distribution.
    Peer-to-peer clients
    • This component distributes application packages between peers, or devices, and it receives application metadata from the server. These clients use licenses you buy with the peer distribution feature.
    • This component resides on devices and it must communicate with these components:
      • Software distribution clients on devices
      • Peer-to-peer server
    • The peer distribution system automatically deploys clients to devices when you complete the peer distribution software setup. An installed peer-to-peer client uses one license.
  • Network Topology
    • This component represents your network as offices in a hierarchy. It enables the peer distribution system to deploy applications more efficiently. It uses the hierarchy to control what clients get downloads and in what order. It uses devices called rendezvous points, or RVPs, as master clients in an office. The RVP receives downloads and disseminates the applications to peer clients.
    • This component is a spreadsheet that you upload to the Workspace ONE UEM console. If you do not have a network topology, you can download the spreadsheet from the console and edit the topology initially identified by the peer distribution system.
    • Though this component is optional, it greatly improves efficiencies and download speeds.

Considerations for Peer-To-Peer Distribution with Adaptiva

To help set up your peer distribution system and to avoid configuration issues, review the network behaviors, the types of communication, the communication channels between components, and license management.

  • Common Network - The peer-to-peer server, the VMware Enterprise Systems Connector, and the peer-to-peer clients must all communicate on the same network. If these system components are on subnets of your network and the subnets can communicate, then the feature can transfer applications. Clients that are not on the network cannot receive applications with the peer-to-peer distribution.
  • Encryption - Communication between the peer-to-peer server and Workspace ONE UEM is encrypted. The communication is not encrypted between peer-to-peer clients in the network. This communication uses UDP but the package itself is not encrypted between clients. Although the system checks for tampered packages, a best practice is not to send confidential packages with the peer-to-peer distribution.
  • UDP - The peer-to-peer server and client use UDP to communicate with Workspace ONE UEM.
  • Central Office - The peer-to-peer server must reside in one of the subnets in the top-tiered Central Office.
  • License Overages - The peer-to-peer system does not stop you from assigning more licenses than you have bought. If you assign extra licenses, the system charges you for them.

    To help gauge license usage, the ratio of client installation to the used license is one to one.

  • Open Ports - The peer-to-peer client needs specific ports open to transfer metadata. Find out if your network management team has closed the required ports or has blocked broadcasting on these ports. If these ports are closed or do not allow broadcasting, contact your Workspace ONE UEM representative about alternative ports.
  • Console, Client, and Server Versions - You must deploy and use the supported version of the peer-to-peer client and the peer-to-peer server. Update the peer-to-peer server when the Workspace ONE UEM console includes an update to the peer-to-peer client. If the versions are not supported, the feature does not work.
  • SQL Server Express - Download and install SQL Server Express on the same server that has the VMware Enterprise Systems Connector. Install this component before configuring peer-to-peer setup because it might take some time to complete its installation.
  • Application Metadata - The peer-to-peer system stores and transmits the blob ID (or content ID), the application size, and the application hash. It does not store or transfer any other data.
  • Initial Downloads - The first download in a peer distribution process takes the longest time. After the initial downloads and as more devices in the subnet receive the application, download times get faster.
  • Activation Processes - After you save your configurations, the system activates the peer-to-peer server and clients with a license key. You can input your topology or use the one the network generates at activation. Also at the time of activation, the system publishes all the existing Win32 application content to the peer-to-peer server. From this point on, devices that belong to the peer distribution network begin to receive the application download.

Requirements for Adaptiva Peer-To-Peer Distribution

Peer distribution requires components for communication, data management, application deployment, and optional storage.

Supported Platforms and Application Types
  • Windows Desktop (Windows 10)
  • Win32 applications
Required Components
  • SQL - Get SQL Server Express or see if your organization uses SQL Database. The peer-to-peer server uses SQL Database to store application metadata and information about the network topology. To download SQL Server Express, outbound port 443 must be open.

    Ensure that the peer-to-peer server can communicate with SQL Server Express or the organization's SQL Database.

  • VMware Enterprise Systems Connector - Ensure that VMware Enterprise Systems Connector is enabled. This component ensures secure communication between your network and Workspace ONE UEM. Ensure that the All Other Components option is enabled in the VMware Enterprise Systems Connector configurations located in the console at Groups & Settings > All Settings > Enterprise Integration > VMware Enterprise Systems Connector > Advanced > AirWatch UEM Services > All Other Components.
  • Software Package Deployment - Configure Workspace ONE UEM to recognize the deployment of application packages through the software distribution method. The software distribution client resides on devices to communicate with the peer-to-peer system and the Workspace ONE UEM console. Go to Groups & Settings > All Settings > Device & Users > Windows > Windows Desktop > App Deployments and enable Software Package Deployment.

  • File Storage (on-premises) - Workspace ONE UEM stores Win32 applications on a secure file storage system. Peer-to-peer clients receive application packages from the storage system when clients cannot find other clients with the application package.

Ports Used for Peer-To-Peer Distribution with Adaptiva

Open specific ports in your network so that the peer-to-peer clients can transfer metadata to the peer-to-peer server. If you have no group policies that block the creation of firewall policies, the peer distribution component installers create the necessary firewall rules.

Table 1. Messaging from Client to Server
Sending Component Receiving Component Protocol Port Description
Peer-to-peer clients Peer-to-peer server UDP 34322 After clients receive small messages, they acknowledge or reply to the server.
Peer-to-peer clients Peer-to-peer server UDP 34323 Clients send small messages to the server.
Peer-to-peer clients Peer-to-peer server UDP 34331 Large replies from clients to the server using Foreground Protocol.
Peer-to-peer clients Peer-to-peer server UDP 34333 Clients send large messages to the server using Foreground Protocol.
Peer-to-peer clients Peer-to-peer server UDP 34339 Large replies from clients to the server using Background Protocol.
Peer-to-peer clients Peer-to-peer server UDP 34341 Clients send large messages to the server using Background Protocol.
Table 2. Messaging from Server to Client
Sending Component Receiving Component Protocol Port Description
Peer-to-peer server Peer-to-peer clients UDP 34324 After the server receives small messages, it acknowledges or replies to clients.
Peer-to-peer server Peer-to-peer clients UDP 34325 Server sends small messages to clients.
Peer-to-peer server Peer-to-peer clients UDP 34335 Large replies from the server to clients using Foreground Protocol.
Peer-to-peer server Peer-to-peer clients UDP 34337 Server sends large messages to clients using Foreground Protocol.
Peer-to-peer server Peer-to-peer clients UDP 34343 Large replies from the server to clients using Background Protocol.
Peer-to-peer server Peer-to-peer clients UDP 34345 Server sends large messages to clients using Background Protocol.
Table 3. Messaging from Client to Client
Sending Component Receiving Component Protocol Port Description
Peer-to-peer clients Peer-to-peer clients
  • Same office
  • Parent offices
  • Child offices
UDP 34324 After clients receive small messages from another client, acknowledgments and replies are sent to this port.
Peer-to-peer clients Peer-to-peer clients
  • Same office
  • Parent offices
  • Child offices
UDP 34325 Clients send small messages to other clients.
Peer-to-peer clients Peer-to-peer clients
  • Same office
  • Parent offices
  • Child offices
UDP 34335 Large replies from clients to clients using Foreground Protocol.
Peer-to-peer clients Peer-to-peer clients
  • Same office
  • Parent offices
  • Child offices
UDP 34337 Clients send large messages to other clients using Foreground Protocol.
Peer-to-peer clients Peer-to-peer clients
  • Same office
  • Parent offices
  • Child offices
UDP 34343 Large replies from clients to clients using Background Protocol.
Peer-to-peer clients Peer-to-peer clients
  • Same office
  • Parent offices
  • Child offices
UDP 34345 Clients send large messages to other clients using Background Protocol.
Table 4. Messaging client to Client Broadcast
Sending Component Receiving Component Protocol Port Description
Peer-to-peer clients Peer-to-peer clients in the same subnet UDP 34329 Clients broadcast requests to other clients
Table 5. Data Transfer from Server to Client
Sending Component Receiving Component Protocol Port Description
Peer-to-peer server Peer-to-peer clients in the Central Office UDP 34760 Server sends content to clients using Foreground Protocol.
Table 6. Data Transfer from Client to Client
Sending Component Receiving Component Protocol Port Description
Peer-to-peer clients Peer-to-peer clients in the same office UDP 34760 Clients send content to other clients in the same logical office using Foreground Protocol.
Peer-to-peer clients Peer-to-peer clients in child offices UDP 34750 Clients send content to clients in child offices using Background Protocol.
Table 7. Data Transfer Control Ports
Sending Component Receiving Component Protocol Port Description
Peer-to-peer clients Peer-to-peer server UDP 34545 Clients send a control signal to the server for any large transfer using Adaptive Protocol.
Peer-to-peer clients Peer-to-peer clients in the same office, in parent offices, and in child offices UDP 34546 Clients send a control signal to other clients for any large transfer using Adaptive Protocol.
Table 8. Data Transfer between VESC, Server, and Database
Sending Component Receiving Component Protocol Port Description
VMware Enterprise Systems Connector (VESC) Peer-to-peer server UDP 34323 VESC sends messages for activation, health checks, application metadata to the peerto- peer server.
Peer-to-peer server VESC UDP 34320 Peer-to-peer server responds to requests from the VESC.

Data Transport Behaviors for Peer-To-Peer Networks

To control the sources of application packages, also called distribution optimization, in your peer-to-peer deployment, consider how data transfers within networks and subnetworks.

Define an office with one or more subnets or subnet ranges connected over a local area network (LAN). Offices retrieve the content from their parent offices, and distribute them to their child offices.
  • Office Types - Peer distribution has three types of offices, and these office types share data in specific ways.
    • Default - Defines a standard wired LAN. Clients attempt to the share content and they send broadcast discovery requests.
    • VPN - Defines an office and subnet range allocated for clients connecting through VPN. Clients within a VPN office do not attempt to the share content, but they do send broadcast discovery requests.
    • WiFi - Defines an office and subnet range allocated to clients connected over WiFi. Clients within a WiFi office share content, but they do not send broadcast discovery requests.

    Note: If you have a physical office with a wired (default) subnet and a WiFi subnet, create an office for each network. Make the WiFi office a child of the wired office so that the WiFi network receives packages from the wired parent office.
  • Central Office and the Peer-to-Peer Server - The peer-to-peer server must reside in one of the subnets in the top-tiered Central Office. This placement makes it available to all clients in the hierarchy.

Data Transport in Offices

The system distributes content from a parent to child office once. This behavior limits data sent across wide area network (WAN) links.
  • Adaptive Protocol - The adaptive protocol is a proprietary protocol that monitors the length of edge router queues and sends data when queues are nearly empty. This protocol, implemented by an advanced kernel driver, removes the need to throttle the bandwidth when deploying applications with the peer distribution.
  • Within Offices - Data transport within offices uses the LAN, or Foreground protocol. The peer distribution system does not manage this protocol.
  • Between Offices - Data transport between offices uses the WAN, or Background protocol. This protocol is also called the Adaptive Protocol that protects the bandwidth availability on WAN links.
  • Between Subnets - Define subnets connected over a WAN link as separate offices. If offices are misconfigured, the LAN protocol might be used over a WAN link, causing saturation of the WAN.

Clients Receive Applications According to Ordered Criteria

The peer-to-peer system sends and receives applications according to many factors, including the available device space, device form factor, and operating system type. The download order follows these elections from top to bottom.

  1. Devices with the largest actual free space
  2. Devices that are identified as preferred, also called RVPs (rendezvous points)
  3. Device chassis type (desktops are selected over laptops)
  4. Device operating system type (servers are selected over work stations)
  5. Devices with the longer system up-times
  6. Devices with the largest usable free space

Back up Systems

Peer-to-peer clients receive application packages from a CDN or a file storage system when they cannot find packages within the hierarchy. A CDN, which is optional for on-premises deployments, offers increased download speed over the file storage system.