Is DirectAccess one of the most exciting new Microsoft technologies?

DirectAccess could be one of the most exciting technologies to come with the arrival of Windows 7 and Server 2008 R2.

DirectAccess allows clients that are not directly connected to the corporate LAN to access internal resources by establishing an IPSec encrypted tunnel (between two Ipv6 addresses, through the intermediate IPv4 network and internet). In short, clients that are not at the LAN in a traditional sense, are on the LAN.

In a way, this is similar to a VPN connection, except that there is no additional connection to establish, the connection is made when the client PC is turned on before the user even logs on, just as long as they have internet access.

This allows easy connectivity for the clients and, at the same time ease of management from the LAN in deploying patches and software using technologies such as SCCM (the new SMS).

This functionality is advertised as Windows 7 functionality but to be honest the entire configuration to support DirectAccess, is done server side. In fact there are no client configurations necessary - the settings can all be delivered automatically by the servers. To do this you will need to fully understand topics such as IPv6, Certificates, CRL distribution points, IPsec , and Firewall configurations.

Setting up DirectAccess is actually a simple 4 part wizard, but all these supporting technologies need understanding and configuration beforehand and as this is allowing access to your secure network containing private and commercially sensitive information you wouldn’t want to get it wrong.

Therefore if this technology is of interest to you why not come on our Windows Server 2008 Network Infrastructure & Security (W2K84NET) course which covers all of these areas and much much more.