DirectAccess is a side shift in remote access technology. Traditional client-based remote access is user-initiated, requiring the user to establish a Virtual Private Network (VPN) connection any time they need access to the corporate network. By contrast, DirectAccess is completely transparent to the user. The corporate network connection is established in the background automatically whenever the user has access to the Internet. Fundamentally, DirectAccess isn’t really a VPN at all. There’s nothing virtual about this network – it is the private network.
All this is included free as a feature of the Server 2012 R2 operating system. No VPN dongles, licenses and client deployment required.
Remote users and computers are managed with the same tools employed for controlling resources connected directly to the corporate network. Group Policy Objects are applied, mobile computers are available for inventory updates, application deployment, patching and any other capabilities provided by a desktop management solution such as Microsoft System Center Configuration Manager (SCCM).
DirectAccess client computers connect to the network before the user logs in so that computers are already available for system management, increasing end-user productivity. There’s no complicated connection routine or software that requires the end-user to manually initiate a connection. DirectAccess works anywhere, with users able to connect seamlessly through a wide variety of networks and firewalls.
Whereas VPN will direct all intranet and internet traffic down a single tunnel, DirectAccess separates intranet and Internet traffic to improves performance.
Client connections are always on providing assurance that the connection between client and server remain secure. During the IPsec connection establishment, the DirectAccess server authenticates to the client and the client authenticates with the server using supported end-to-end authentication and encryption.
DirectAccess also incorporates a simple management console for monitoring and reporting on up to 8 servers in a server array.
BDS Solutions has successfully deployed DirectAccess for numerous NHS organisations including Clinical Commissioning Groups, Hospitals and Ambulance Services.