In our previous post at http://www.nappliance.com/blog/nappliance-nuag-and-directaccess-better-together we highlighted how UAG and DirectAccess are better together and the benefits of connecting through DirectAccess. In this post we will concentrate on the advantages DirectAccess has over traditional VPN connectivity and why companies would want to move away from the VPN infrastructure.
Virtual Private Networks (VPNs) have always been a preferred method for companies to allow their users to remotely connect to their company resources. Though the solution has been functional and robust, system administrators have realized that they need more control and supervision over company resources connected at remote endpoints. Anyone who has used a VPN understands the challenges one can face while attempting to connect from a hotel or a Starbucks. Long connection times, VPN-client installation, and updating VPN policies to endpoints are but some of the factors which haunt the IT administrator day in and day out.
VPN is quickly losing its dominance in our fast-paced world, where quick and easy access to corporate tools is necessary for efficient work while on the road. Most sales executives spend extended periods of time away from the office, during which they have to connect back to their company resources to access information or update resources. A company may lose millions of dollars in deals if its sales executives are unable to create leads in their internal sales tools using a VPN connection. The biggest problem for IT administrators is keeping remote machines updated with the latest updates, anti-virus patches, and service packs, as these machines are not connected to the internal network as frequently as those located on-premise.
What happens when the user brings an out-of-date, noncompliant computer back to the corporate network after weeks on the road? It is quite possible that the computer became compromised by worms, viruses, Trojans, or other forms of malware. The damage might be limited if you have proper control over the devices connecting to the internal LAN or internal WAN, but most companies don’t. Until the computer receives the latest anti-virus updates from the corporate network, it can potentially infect other client machines and data resources.
Times have changed, and so has the technology. DirectAccess gives you the ability to manage remotely connected endpoints and push updates to keep the client machines up to date on all service packs etc. DirectAccess provides users transparent access to internal network resources whenever they are connected to the Internet. Microsoft UAG introduces DirectAccess, which enables users to have the same experience working at home or at a wireless hotspot as they would in the office. With DirectAccess, authorized users on Windows 7 computers can access corporate shares, view intranet Web sites, and work with intranet applications without going through a VPN. The diagram below shows the overall architecture of UAG DirectAccess, where a client machine creates a secure SSL tunnel back to the corporate network and can access anything and everything that a user locally connected to the LAN would.
DirectAccess also benefits IT professionals by enabling them to manage mobile computers outside of the office—anytime, anywhere—even though the computers are not connected to the VPN. Each time a mobile computer connects to the Internet, before the user logs on, DirectAccess establishes a bi-directional connection that enables the client computer to stay up to date with company policies and to receive software updates.
It’s clear that DirectAccess is not only a very cool remote access VPN solution, but is something that will change how you approach the entire concept of VPNs in the future.