Intune 網路設定需求與頻寬Intune network configuration requirements and bandwidth

適用於︰IntuneApplies to: Intune
本主題適用於 Azure 入口網站和傳統入口網站中的 Intune。This topic applies to Intune in both the Azure portal and the classic portal.

本指南可協助 Intune 系統管理員了解 Intune 服務的網路需求。This guidance helps Intune admins understand the network requirements for the Intune service. 您可以使用這項資訊來了解頻寬需求,以及 Proxy 設定所需的 IP 位址和連接埠設定。You can use this information to understand bandwidth requirements and IP address and port settings needed for proxy settings.

平均網路流量Average network traffic

此表格列出每個用戶端透過網路傳輸的一般內容的估計大小和頻率。This table lists the approximate size and frequency of common content that travels across the network for each client.


為確保裝置從 Intune 接收更新與內容,它們必須定期連線到網際網路。To ensure devices receive the updates and content from Intune, they must periodically connect to the Internet. 接收更新或內容所需要的時間不定,但應保持每天至少 1 小時持續連線到網際網路。The time required to receive updates or content can vary, but they should remain continuously connected to the Internet for at least one hour each day.

內容類型Content type 大小近似值Approximate size 頻率和詳細資料Frequency and details
Intune 用戶端安裝Intune client installation

以下是除了安裝 Intune 用戶端以外的需求The following requirements are in addition to the Intune client installation
125 MB125 MB 一次One time

用戶端下載的大小會因用戶端電腦的作業系統而不同。The size of the client download varies depending on the operating system of the client computer.
用戶端註冊套件Client enrollment package 15 MB15 MB 一次One time

當此內容類型有更新時,可能會進行其他下載。Additional downloads are possible when there are updates for this content type.
Endpoint Protection 代理程式Endpoint Protection agent 65 MB65 MB 一次One time

當此內容類型有更新時,可能會進行其他下載。Additional downloads are possible when there are updates for this content type.
Operations Manager 代理程式Operations Manager agent 11 MB11 MB 一次One time

當此內容類型有更新時,可能會進行其他下載。Additional downloads are possible when there are updates for this content type.
原則代理程式Policy agent 3 MB3 MB 一次One time

當此內容類型有更新時,可能會進行其他下載。Additional downloads are possible when there are updates for this content type.
Remote Assistance via Microsoft Easy Assist 代理程式Remote Assistance via Microsoft Easy Assist agent 6 MB6 MB 一次One time

當此內容類型有更新時,可能會進行其他下載。Additional downloads are possible when there are updates for this content type.
日常用戶端作業Daily client operations 6 MB6 MB 每日Daily

Intune 用戶端會定期與 Intune 服務通訊,以檢查是否有更新和原則,並將用戶端的狀態回報給服務。The Intune client regularly communicates with the Intune service to check for updates and policies, and to report the client’s status to the service.
Endpoint Protection 惡意程式碼定義更新Endpoint Protection malware definition updates 不定Varies

通常為 40 KB 到 2 MBTypically 40 KB to 2 MB

最多一天 3 次。Up to three times a day.
Endpoint Protection 引擎更新Endpoint Protection engine update 5 MB5 MB 每月Monthly
軟體更新Software updates 不定Varies

大小依您部署的更新而定。The size depends on the updates you deploy.

一般情況下,軟體更新會在每個月的第二個星期二發佈。Typically, software updates release on the second Tuesday of each month.

剛完成註冊或部署的電腦在下載先前發行的整組更新時,可能也會佔用較大的網路頻寬。A newly enrolled or deployed computer can use more network bandwidth while downloading the full set of previously released updates.
Service PackService packs 不定Varies

大小會因您部署的每個 Service Pack 而不同。The size varies for each service pack you deploy.

視您何時部署 Service Pack 而定。Depends on when you deploy service packs.
軟體發佈Software distribution 不定Varies

大小依您部署的軟體而定。The size depends on the software you deploy.

視您何時部署軟體而定。Depends on when you deploy software.

減少網路頻寬用量的方式Ways to reduce network bandwidth use

您可以使用下列其中一或多種方法,減少 Intune 用戶端佔用的網路頻寬。You can use one or more of the following methods to reduce network bandwidth use for Intune clients.

使用 Proxy 伺服器快取內容要求Use a proxy server to cache content requests

Proxy 伺服器可以快取內容來減少重複的下載,並減少網際網路內容佔用的網路頻寬。A proxy server can cache content to reduce duplicate downloads and reduce network bandwidth from content from the Internet.

接收用戶端內容要求的快取 Proxy 伺服器可以擷取該內容,並快取網頁回應和下載。A caching proxy server that receives content requests from clients can retrieve that content and cache both web responses and downloads. 伺服器會使用快取的資料回應用戶端的後續要求。The server uses cached data to answer subsequent requests from clients.

下列一般設定適用於快取 Intune 用戶端內容的 Proxy 伺服器。The following are typical settings to use for a proxy server that caches content for Intune clients.

SettingSetting 建議值Recommended value 詳細資料Details
快取大小Cache size 5 GB 至 30 GB5 GB to 30 GB 這個值會根據網路中的用戶端電腦數目以及您使用的設定而不同。The value varies based on the number of client computers in your network and the configurations you use. 為了避免系統太快刪除檔案,請根據您的環境調整快取的大小。To prevent files from being deleted too soon, adjust the size of the cache for your environment.
個別快取檔案大小Individual cache file size 950 MB950 MB 某些快取 Proxy 伺服器可能沒有提供這項設定。This setting might not be available in all caching proxy servers.
要快取的物件類型Object types to cache HTTPHTTP


Intune 封裝是背景智慧型傳送服務 (BITS) 下載作業透過 HTTP 擷取的 CAB 檔。Intune packages are CAB files retrieved by Background Intelligent Transfer Service (BITS) download over HTTP.

如需有關如何使用 Proxy 伺服器快取內容的詳細資訊,請參閱您的 Proxy 伺服器解決方案的文件。For information about using a proxy server to cache content, see the documentation for your proxy server solution.

在電腦上使用背景智慧型傳送服務Use Background Intelligent Transfer Service on computers

Intune 支援在 Windows 電腦上使用背景智慧型傳送服務 (BITS),以減少在您設定的期間所使用的網路頻寬。Intune supports using Background Intelligent Transfer Service (BITS) on a Windows computer to reduce the network bandwidth that is used during the hours that you configure. 您可以在 Intune 代理程式原則的 [網路頻寬] 頁面上設定 BITS 的原則。You can configure policy for BITS on the Network bandwidth page of the Intune Agent policy.

若要深入了解 BITS 和 Windows 電腦,請參閱 TechNet Library 中的背景智慧型傳送服務To learn more about BITS and Windows computers, see Background Intelligent Transfer Service in the TechNet Library.

在電腦上使用 BranchCacheUse BranchCache on computers

Intune 用戶端可以使用 BranchCache 來減少廣域網路 (WAN) 流量。Intune clients can use BranchCache to reduce wide area network (WAN) traffic. 下列作業系統支援 BranchCache:The following operating systems support BranchCache:

  • Windows 7Windows 7
  • Windows 8.0Windows 8.0
  • Windows 8.1Windows 8.1
  • Windows 10Windows 10

若要使用 BranchCache,用戶端電腦必須已啟用 BranchCache,接著再完成分散式快取模式的設定。To use BranchCache, the client computer must have BranchCache enabled, and then be configured for distributed cache mode.

根據預設,已安裝 Intune 用戶端時,電腦會啟用 BranchCache 和分散式快取模式。By default, BranchCache and distributed cache mode are enabled on computers when the Intune client is installed. 不過,如果群組原則已停用 BranchCache,則 Intune 不會覆寫該原則,且 BranchCache 保持停用。However, if Group Policy has disabled BranchCache, Intune does not override that policy and BranchCache remains disabled.

如果使用 BranchCache,請與組織中其他系統管理員合作管理群組原則和 Intune 防火牆原則。If you use BranchCache, work with other administrators in your organization to manage Group Policy and Intune Firewall policy. 確認他們沒有部署停用 BranchCache 或防火牆例外的原則。Ensure they do not deploy policy that disables BranchCache or Firewall exceptions. 如需 BranchCache 的詳細資訊,請參閱 BranchCache 概觀For more about BranchCache, see BranchCache Overview.

網路通訊需求Network communication requirements

啟用所管理裝置和雲端服務所需網站之間的網路通訊。Enable network communications between the devices you manage and the websites required for cloud-based services.

Intune 使用內部部署基礎結構 (例如,安裝 Intune 軟體的伺服器),但會提供選項來使用內部部署基礎結構 (包括 Exchange 和 Active Directory 同步處理工具)。Intune uses no on-premises infrastructure such as servers running Intune software, but there are options to use on-premises infrastructure including Exchange and Active Directory synchronization tools.

若要管理位於防火牆和 Proxy 伺服器後方的電腦,您必須啟用 Intune 的通訊。To manage computers behind firewalls and proxy servers, you must enable communication for Intune.

  • Proxy 伺服器必須同時支援 HTTP (80)HTTPS (443),因為 Intune 用戶端會使用這兩種通訊協定The proxy server must support both HTTP (80) and HTTPS (443) because Intune clients use both protocols
  • Intune 需要存取 的未驗證 Proxy 伺服器,才能進行某些工作,例如下載軟體和更新。Intune requires unauthenticated proxy server access to for some tasks such as downloading software and updates

您可以修改個別用戶端電腦上的 Proxy 伺服器設定,也可以使用群組原則設定來變更所有位於指定之 Proxy 伺服器後方的用戶端電腦設定。You can modify proxy server settings on individual client computers, or you can use Group Policy settings to change settings for all client computers that are located behind a specified proxy server.

受管理裝置需要進行可讓 [所有使用者] 穿過防火牆存取服務的設定。Managed devices require configurations that let All Users access services through firewalls.

下表列出 Intune 用戶端存取的連接埠和服務:The following tables list the ports and services that the Intune client accesses:

網域Domains IP 位址IP address 更多資訊請參閱 Office 365 URL 與 IP 位址範圍More information Office 365 URLs and IP address ranges

Apple 裝置網路資訊Apple device network information

主機名稱Hostname URL (IP 位址/子網路)URL (IP address/subnet) 通訊協定Protocol PortPort DeviceDevice
管理員主控台Admin Console ( ( TCPTCP 21952195 Apple iOS 和 macOSApple iOS and macOS
管理員主控台Admin Console TCPTCP 21962196 Apple iOS 和 macOSApple iOS and macOS
管理員主控台Admin Console Apple、*、*、*, *, *, * HTTPHTTP 8080 Apple iOS 和 macOSApple iOS and macOS
PI 伺服器PI Server TCPTCP 2195, 21962195, 2196 適用於 Apple iOS 和 macOS 雲端傳訊。For Apple iOS and macOS cloud messaging.
裝置服務Device Services TCPTCP 21952195 AppleApple
裝置服務Device Services TCPTCP 21962196 AppleApple
裝置服務Device Services Apple ** * ** * HTTPHTTP 8080 AppleApple
裝置 (網際網路/Wi-Fi)Devices (Internet/Wi-Fi) TCPTCP 5223 和 4435223 and 443 僅限 Apple。Apple only. '#' 是 0 到 200 之間的亂數。'#' is a random number from 0 to 200.
裝置 (網際網路/Wi-Fi)Devices (Internet/Wi-Fi) HTTP/HTTPSHTTP/HTTPS 80 或 44380 or 443 僅限 AppleApple only