As we have described in a previous blog post, Microsoft DirectAccess has many benefits over traditional VPN: http://www.nappliance.com/blog/nappliance-nuag-and-directaccess-better-together. So why have many organizations not yet deployed it?  IT administrators and Directors of IT may be aware of some of the significant benefits it brings, but balk at the complexity of getting it implemented, or at the perceived cost.  We will address the complexity in a separate post, but for this one we’ll talk about how implementing DirectAccess can lower your TCO on remote access, specifically a scenario where you will have no excuse not to deploy it because of the overwhelming economic benefits.

Have you Deployed Windows 7 Enterprise or Ultimate?

One of the largest pre-requisites of utilizing Microsoft DirectAccess is the need to have your remote managed corporate endpoints running Windows 7 or Enterprise.  Let’s rewind back in time and look at the beginning of 2010, when Windows 7 and Unified Access Gateway 2010 were still brand new products , very few companies were ready to deploy Direct Access as the successful deployment of it would mean the adoption and rollout of both these technologies at the enterprise level.  There were early adopters for both Win 7 and UAG 2010, and we were among those deploying  appliances at some of the first UAG DA customers, wider spread adoption would not come until more companies had actually deployed Windows 7 to their endpoints.  XP was still the corporate standard and most companies were either planning their Win 7 rollouts, just starting them, or still trying to get budget in place.

Fast forward to 2012 when number of Windows 7 endpoints have surpassed XP in terms of overall numbers and the picture has changed dramatically.  (This officially happened sometime in 2011 between September and October October).     Windows 7 has become the de-facto standard for both consumers and businesses as the OS of choice for desktops and laptops.  With organizations using Windows 7 enterprise, the adoption of DA becomes a much more attractive proposition as there is no client install necessary on these endpoints, and users are set up for remote access via GPO’s.  Any organization that has rolled out Win 7 Enterprise, or is in the process of doing so, should strongly consider adopting DirectAccess as their remote access method of choice for managed endpoints.

Along Comes Microsoft E-CAL:

In the past several years, Microsoft has been bundling client access licensing (CAL) for a large variety of products into one simplified CAL called the Enterprise CAL or E-CAL.  This allows organizations adopting many separate Microsoft technologies to take advantage of economies of scale and gain significant cost savings from the purchase of one single CAL license per user.  Instead of buying a CAL for each of these technologies, they will purchase one CAL that is lowers their cost and administrative burden.  As of 2010 UAG was included in the E-CAL, which means all companies who own the E-CAL, already own the CAL cost for deploying DA, as UAG 2010 is a necessary pre-requisite.  Companies who already own the E-CAL should seriously consider deploying UAG DA as they literally already own the client piece, which in a remote access deployment for a large organization, per seat costs, often on an annual basis, are the lion share of their expense.

 

E-CAL and Windows 8 Enterprise Economics:

The implications of having both the E-CAL and windows 7 deployed for the enterprise are enormous.  This means for DirectAccess, not only will you have no need for a client deployment, but you will already own the client piece.  Your cost of deployment and maintenance of this remote access solution drops dramatically.  You will no longer have the very costly client management, or annual per user renewal fees of a 3rd party solution.  All you need at that point are the UAG appliances and a proper DA deployment and you will be up and running.  Any cost of deployment and/or learning curve on the new technology will be greatly outweighed by the savings on you will get and the benefits of the always on, always managed solution. 

So if you have deployed Windows 7 Enterprise for your end-points or are in the process, and have purchased the Enterprise CAL, from a TCO perspective, you will literally have no excuse not to deploy DirectAccess as the remote access solution of choice for your managed endpoints.

Cheers
George Davidson

Category: