The DirectAccess Server does not have to be public-facing. You can use ISA/IAG at the perimeter and route through to a DirectAccess server internally.

DirectAccess can be configured so that all data is encrypted using IPsec from the client through the DirectAccess server all the way to the internal file or application servers, providing better protection than most VPN connections.

DirectAccess relies on IPv6 which has more security controls / features than IPv4.

Aside from the actual infrastructure and architecture of DirectAccess, though, I would also suggest that the ability for mobile computers to be seamlessly connected to the internal network, and for IT admins to be able to monitor, patch, and otherwise maintain wandering computers even when the user is not logged in, provides a broader level of security as well, while also improving the efficiency and productivity of the mobile users and the IT personnel.

That is my '10,000-foot view', DirectAccess-in-a-nutshell answer. We can dive deeper if you have more specific questions.