When I talk to my customers about the SCCM Cloud Management Gateway setup, the first question that will be asked is, will there be any cost associated with this service? if so, what will be the cost for X number of clients that will be utilizing the CMG service.
Even though the implementation of CMG doesn't require on-premise infrastructure* but there will be cost associated with this solution every month.
In this blog post, I will provide some information on how to estimate the cost for your infrastructure based on the number of clients that you support using CMG.
Note: The following information provided is for estimation purpose ONLY.
The following are the components (Azure) involved in costing:
1. Virtual Machine—>CMG uses a virtual machine in Azure Cloud Services as a platform as a service (PaaS). The standard VM that it uses is A2 V2 per instance.
2.Outbound data transfer (egress or download)—> The data that flow into the Azure is free. Anything that flows out of the Azure will be charged such as policies, client notifications, content download, inventory reports, status messages, compliance status, etc.
3.Content Storage (egress or download)—>This data includes the content/applications that clients download from the distribution point.
Cost estimation for each Azure component:
1. Virtual Machine:
Let's take an example, you are managing 10000 clients using SCCM, out of which, you expect 5000 clients will use CMG services on internet.
As per the Microsoft recommendation, 1 CMG instance will support up to 6000 simultaneous connections which means you can go with 1 instance but recommended to have 2 for HA. Let's stick with 1 for now for cost.
The cost for 1 instance per month will be around 87.60 (excluding the OS license,Azure Hybrid benefit). If you include the OS license for the Azure VM, the cost will be around 131.40$
The price will vary if you go with reserved instance, but if you go with pay as you go and Azure hybrid benefit, the cost will be around 87.60$.
2.Outbound data transfer (egress or download):
The outbound data transfer includes 2 ways such as client policy polling interval, software update scan, etc, and the other data that flows from CMG to an on-premise site such as inventory reports, status messages, and compliance. There will be an estimation of 100-300MB per client per month from internet-connected.
This again depends on how you configure your client settings. If you have configured the client settings with policy poling internal every 30 min or so, client hardware inventory, every few hours etc then there will be more data generated which will increase the cost.
With default client settings configuration such as 60 min policy polling interval,7 days hardware inventory, 7 days software update scan cycle etc., will estimate of 100MB. The more aggressive client settings will lead to 300MB or even higher.
we will consider 200MB per client per month.
For 5000 clients, The total egress will be 5000*200MB=1TB
The total cost for 1TB per month= 1000GB*0.087(cost per GB based on central US region)=87$
Please note that the first 5GB per month is free is not specific to CMG service but it is for the entire azure tenant where the CMG subscription is located.
3.Content Storage (egress or download):
This is mostly for content download from the cloud DP such as applications, packages for your deployments. We consider about 200GB worth of applications/packages downloaded by your clients in a month.
The cost will be around 200GB*0.087=18$.
If you don't deploy any apps but software updates only, then there is no charge for downloading the software updates from the internet. It is recommended not to distribute the software update content to cloud DP.
If we sum up the cost for 5000 CMG clients for all the CMG services including 1 VM, storage cost, it will be 87.60+87+18=200$ per month.
If you have more than 5000 clients using CMG service, you may have to increase the number of VM Instances to 2 which will add another 87$ and the outbound data transfer cost as well.
If you don't want any surprises in the month-end, you have an option to stop the CMG service when the critical threshold is exceeded.
If you are running Technical preview build 1903 and above, there is cloud cost estimator tool that will help you to figure out the expected cost based on the filter you choose.
You can also read the blog post from John about some real world cost for using CMG: https://deploymentresearch.com/real-world-costs-for-using-a-cloud-management-gateway-cmg-with-configmgr/
Thanks for reading the post!
Hi, Thanks for the article. You mention that it isn't recommended to distribute software update content to the cloud DP. Where else will clients download the content from when they are internet connected
clients will download the content from windows update URL which is public site. This is same like downloading the software updates in SCCM or doing windows update on a device manually.
Thanks for the article, I was just wondering if there was any costs apart from egress to actually host the package, application content stored? so if I add 200GB worth of packages etc is this charged anything to just be sat there if not downloaded.
There is no cost involved for sending the content to CMG such as packages applications from SCCM. You can send as much as content to CMG DP. Only the data tha goes out of CMG such as content download by client will be charged.