Blogs

It is with great pleasure that I announce that I’ll be delivering a comprehensive, three-hour deep-dive training session at the TechMentor 2014 conference this year. The conference will be held August 11-15, 2014 in Redmond, WA. During the session you’ll learn how to design, plan, implement, and support DirectAccess running on Windows Server 2012 R2.

When DirectAccess was first introduced in Windows Server 2008 R2, and continuing with Forefront Unified Access Gateway (UAG) 2010 DirectAccess, there was a hard requirement for the DirectAccess server to be configured with two network interfaces; one internal, and one external. The external network interface also required two consecutive public IPv4 addresses and did not support placement behind a Network Address Translation (NAT) device.

When deploying DirectAccess, a critical infrastructure component is the Network Location Server (NLS). The NLS is used by DirectAccess clients to determine if they are inside or outside of the corporate network. Based on NLS reachability, the DirectAccess client will decide if it should attempt to establish DirectAccess connectivity to the tunnel endpoints specified by the DirectAccess configuration. If the DirectAccess client can connect to the NLS, it assumes it is inside the corporate network and does not establish DirectAccess connectivity.

Here at Iron Networks we deploy Microsoft DirectAccess on a near daily basis for companies all over the world. We’ve gained a tremendous amount of experience doing this, and much of what we’ve learned over the years is baked in to our DirectAccess hardware appliance platform.

I have spoken about Microsoft DirectAccess at events all around the world and introduced this compelling remote access solution to countless IT professionals over the last few years. When I explain how this seamless and transparent, always-on remote corporate network connectivity solution works, and especially after I demonstrate it in action, I see the light come on for many when they begin to realize just how transformative DirectAccess really is.

One of the essential characteristics of a cloud computing infrastructure is resource pooling. A hypervisor is installed on individual systems to provide abstraction of the underlying hardware in order to provide resource pooling for compute resources. In the Microsoft Windows Server 2012 R2 operating system, the hypervisor is Hyper-V.

Are you interested in learning about Microsoft DirectAccess, the always-on, seamless and transparent remote access feature in Windows Server 2012? Then join me on Thursday, October 3, 2013 for a webinar where I’ll describe in detail what DirectAccess is, how it functions, what the benefits are for deploying DirectAccess in terms of security and ease of use, and much more.

When DirectAccess was first introduced as a feature of Windows Server 2008 R2, many considered the concept of always-on, secure remote access a natural evolution of traditional Virtual Private Networking (VPN) technologies. VPN had gone from being something that only IT administrators needed to provide remote support for their systems to an essential productivity tool for the modern, mobile workforce. Unfortunately, DirectAccess in Windows Server 2008 R2 was a bit ahead of its time.

Here on the Iron Networks Cloud Infrastructure Blog we talk quite a bit about the Microsoft private cloud with Hyper-V and System Center. We’ve extolled the virtues of the Microsoft Private Cloud stack with Windows Server 2012 R2 Hyper-V and System Center 2012, the building blocks for deploying scalable, highly available systems to support agile and dynamic workloads.

For providing secure remote access to on-premises data and applications, there’s no question that DirectAccess is the best solution. If you’ve deployed DirectAccess using Windows Server 2012 behind a Network Address Translation (NAT) device, it’s a good idea to disable any unused IPv6 transition protocols.