DirectAccess

What is DirectAccess?

DirectAccess is a new feature in the Windows® 7 and Windows Server® 2008 R2 operating systems that gives users the experience of being seamlessly connected to their corporate network any time they have Internet access. With DirectAccess, users are able to access corporate resources (such as e-mail servers, shared folders, or intranet Web sites) following common security standards, anytime they have an internet connection.

• Improve Productivity of Mobile Workforce. DirectAccess provides increased productivity for your mobile workforce by offering the same connectivity experience both in and outside of the office. DirectAccess is on whenever the user has an Internet connection, giving users access to intranet resources whether they are traveling, at the local coffee shop, or at home.
• Improved Manageability of Remote Users. Without DirectAccess, mobile computers can only be managed when users connect to a VPN or physically enter the office. With DirectAccess, mobile computers can be managed any time the mobile computer has Internet connectivity, even if the user is not logged on. This allows remote computers to be managed regularly and helps ensure mobile users stay up-to-date with security and system health policies. DirectAccess helps ensure that organizations can meet regulatory and privacy mandates for security and data protection for assets that must roam beyond the corporate network.
• Improved security. DirectAccess uses Internet Protocol security (IPsec) for authentication and encryption. Optionally, you can require smart cards for user authentication. DirectAccess integrates with Network Access Protection (NAP) to require that DirectAccess clients must be compliant with system health requirements before allowing a connection to the DirectAccess server. IT administrators can also configure the DirectAccess server to restrict the servers that users and individual applications can access.