none
WUDO - Clarification: Can it tunnel out through the fireall protecting my network?

    General discussion

  • There are a lot of tech sites today broadcasting the message that Microsoft is "stealing bandwidth" with a feature in Windows 10 called Windows Update Delivery Optimization (WUDO).

    Does WUDO create a tunnel and connect to a remote host similar to the way GoToMyPC does?  Can it tunnel right past my firewall unless I create a rule specifically blocking it? 

    I can see value in sharing these files on my local network but worry about the risk associated with a tunnel that I have little control over.  I know the option can be disabled but that appears to be a manual process and we plan to roll several hundred of these out when the Enterprise edition is available.

    TIA!

    Vince

    Friday, July 31, 2015 5:39 PM

All replies

  • The Enterprise edition doesn't, by default, enable the option to fetch updates from the Internet. If you really want to kill the delivery optimization service, you can set the DoSvc service to disabled in Group Policy so it never starts up.

    A quick check on my system here shows that when DoSvc starts up, it creates a TCP listener on port 7680 and a UDP receiver on port 3544. I wouldn't class this as definitive information, but until there's documentation on how Delivery Optimization works, experimentation is all you've got.


    Alun.

    Friday, July 31, 2015 7:41 PM
  • you can set the DoSvc service to disabled in Group Policy so it never starts up.

    Providing you control the clients via GP. Some people looking at this issue may not even have any control over the client side at all - guest networks for example.

    It would be nice if they'd documented this prior to the public release...

    Saturday, August 15, 2015 12:54 PM