Microsoft direct access

•

3 likes•2,136 views

Direct Access is a technology that allows devices to connect seamlessly to a corporate network over an IPsec VPN connection. It uses IPv6 and IPsec for an always-on VPN and extends the corporate network to remote PCs and users. Key components include Windows Server 2012 R2, Windows 7/8/10 clients, certificates, Network Location Server, DNS64/NAT64, and firewall settings. Deployment requires enabling IPv6 internally, setting up a Network Location Server, configuring client groups and firewall settings, and enrolling certificates to enable the always-on Direct Access connection from remote devices to the corporate network over the public Internet.

Technology

Microsoft Direct Access
Microsoft Server 2012 R2
HAIRER Martin

WHAT IS DIRECT ACCESS?
THE CONCEPT
COMPONENTS
DEPLOYMENT

MS Direct Access
Direct Access is the ultimate VPN solution that is
one of the enablers for the New Way of Work
Direct Access is always ON
source: microsoft.com

MS Direct Access
Seamless and Transparent Corporate Network
connectivity for Managed Clients
Remote Access
source: microsoft.com

differences to VPN
The DirectAccess
client is always
managed.
The DirectAccess
client is always
serviceable.
The DirectAccess
client uses two
separate tunnels
to connect.

DA Overview
Windows Clients
Corporate Network
Direct AccessVPN
Public Network
osX - Linux Clients
iOS - Android

Bi-Directional
Windows 7+
Corporate NetworkPublic Network
Management
Data/Application

CONCEPT
DirectAccess extends the network to the
remote computer and user
based on
End to End IPv6
source: microsoft.com

COMPONENTS
Windows
Server 2012 R2
Windows 7/8/10
(domain joined)
IPv6 and IPsec
Active Directory
and  
Group Policy

DA COMPONENTS
Certificates  
(PKI)
Network Location
Server
DNS64/NAT64
Name Resolution
Policy Table
Windows Firewall 
Advanced Security

DEPLOYMENT
Public Network Corporate Network
IPv4 Network
DNS64
NAT64
6to4 tunnel
Teredo tunnel
IPHTTTPS tunnel
IPv4
ISATAP
Native IPv6

DEPLOYMENT
Enable
IPv6
internally
Network
Location
Server
Client
Groups
Firewall
Settings
on Clients
Certiﬁcate
Auto
Enrollment
Direct
Access
Server

source: https://directaccessguide.files.wordpress.com/2014/03/setupwizard.jpg

source: https://robertpearman.files.wordpress.com/2012/10/da21_thumb.png?w=644&h=464

source: http://tr1.cbsistatic.com/hub/i/2015/05/07/afbeaa30-f4aa-11e4-940f-14feb5cc3d2a/fig-e-ram-console.jpg

source: https://techontip.files.wordpress.com/2013/03/031013_1145_windows20123.png

source: https://msdirectaccess.files.wordpress.com/2015/01/directaccess_ad_sites_subnet_031.png

What's hot

Da for dummies techdays 2012

Alex de Jong

802 11 3

rphelps

Top 5 Reasons To Deploy Windows 10 With Microsoft DirectAccess

CelestixNetworks

Forefront Unified Access Gateway 2010: An Introduction To Enterprise Features

Fabrizio Volpe

SDWAN Concept - Certificate and keys Roles in Controllers and vEdge Router Au...

Farooq Khan

Jabber making the most of

Cisco Canada

Simplifying the secure data center

Cisco Canada

Infrastructure Migration from Windows Server 2003 to the Cloud: An Interoute ...

Interoute

MidoNet roadmap

Jean-Francois Joly

Operations Experience

MidoNet

Introduction to BRAS

KHNOG

Networking deep dive

Jeroen Niesen

Citrix NetScaler engineering continues to deliver new enhancements and cool features. This technical session will highlight five recent NetScaler innovations in virtual application, desktop and server availability and security that can improve your datacenter network and make applications run better and faster. Topics will include faster app acceleration and why developers are building apps to leverage advanced ADC capabilities.

SYN207: Newest and coolest NetScaler features you should be jazzed about

Citrix

Collaboration d’équipe de nouvelle génération (Partie 1 de 2)

Cisco Canada

Scale changes everything. Number of connections and destinations went from dozen to thousands, number of messages increased by order of magnitude. What once was quite adequate for enterprise messaging can't scale to support "Internet of Things". We need new protocols, patterns and architectures to support this new world. This session will start with basic introduction to the concept of Internet of things. Next it will discuss general technical challenges involved with the concept and explain why it is becoming mainstream now. Now we're ready to start talking about solutions. We will introduce some messaging patterns (like telemetry and command/control) and protocols (such as MQTT and AMQP) used in these scenarios. Finally we will see how Apache ActiveMQ is gearing up for this race. We will show tips for horizontal and vertical scaling of the broker, related projects that can help with deployments and what the future development road map looks like.

Messaging for IoT

dejanb

Scale changes everything. What once was quite adequate for enterprise messaging can't scale to support "Internet of Things". We need new protocols, patterns and architectures to support this new world. This session will start with basic introduction to the concept of Internet of Things. Next it will discuss general technical challenges involved with the concept and explain why it is becoming mainstream now. Now we’re ready to start talking about solutions. We will introduce some messaging patterns (like telemetry and command/control) and protocols (such as MQTT and AMQP) used in these scenarios. Finally we will see how Apache ActiveMQ is gearing up for this race. We will show tips for horizontal and vertical scaling of the broker, related projects that can help with deployments and what the future development road map looks like. Martyn Taylor is a senior software engineer at Red Hat, with over 7 years’ experience working on cloud, middleware and messaging software. Martyn currently works on the Apache ActiveMQ suite of projects.

Messaging for IoT

Virtual JBoss User Group

Linux routing and firewall for beginners

n|u - The Open Security Community

PLNOG16: Automatyzacja kreaowania usług operatorskich w separacji od rodzaju ...

PROIDEA

#Codemotion Rome 2018 - Containers provide a consistent environment to run services. Kubernetes help us to manage and scale our container cluster. Good start for a loosely coupled microservices architecture but not enough. How do you control the flow of traffic & enforce policies between services? How do you visualize service dependencies & identify issues? How can you provide verifiable service identities, test for failures? You can implement your own custom solutions or you can rely on Istio, an open platform to connect, manage and secure microservices.

Stop reinventing the wheel with Istio by Mete Atamel (Google)

Codemotion

ISTIO Deep Dive

Yong Feng

What's hot (20)

Da for dummies techdays 2012

802 11 3

Top 5 Reasons To Deploy Windows 10 With Microsoft DirectAccess

Forefront Unified Access Gateway 2010: An Introduction To Enterprise Features

SDWAN Concept - Certificate and keys Roles in Controllers and vEdge Router Au...

Jabber making the most of

Simplifying the secure data center

Infrastructure Migration from Windows Server 2003 to the Cloud: An Interoute ...

MidoNet roadmap

Operations Experience

Introduction to BRAS

Networking deep dive

SYN207: Newest and coolest NetScaler features you should be jazzed about

Collaboration d’équipe de nouvelle génération (Partie 1 de 2)

Messaging for IoT

Linux routing and firewall for beginners

PLNOG16: Automatyzacja kreaowania usług operatorskich w separacji od rodzaju ...

Stop reinventing the wheel with Istio by Mete Atamel (Google)

ISTIO Deep Dive

Similar to Microsoft direct access

V mware ssh orange its deck

tracepointmarketing

IronNetworks-MCE-Appliance-Gateway-Datasheet

Vishal Mittal

Moving Enterprise Windows Workloads to AWS – Peter Stanski

Amazon Web Services

Building Enterprise Interoperability Applications Using Microsoft

webhostingguy

Windows 7 For Itpro

Eduardo Castro

Microsoft Azure : Hey ITPRo's Meet Azure .. .again!

Mike Martin

by Kristof Rennen, Mike Martin IaaS in the public cloud, the final frontier. These are the voyages of the Enterprise IT team, it's mission: to be scalable and agile as possible. To achieve their mission goal they can use the new features of Microsoft Azure: •Azure Files •Azure RemoteApp •the new VNET features and it's big brother ExpressRoute •and much much more don't forget: Azure goes to Infinity and … beyond!

azure track -03- it pros meet azure - again

ITProceed

0328apjcintrotothousandeyeswebinar-230328233735-4df10d7f.pdf

Saurabh Chauhan

Introduction To ThousandEyes

ThousandEyes

Introduction to ThousandEyes

ThousandEyes

Bus Tour Windows 7 Deck (Full)

Stephen L Rose

Microsoft .Net Framework 2 0

Acend Corporate Learning

Introduction to ThousandEyes

ThousandEyes

Fy10 Software + Services Cloud Overview 2 of 4

David Williams

New Horizons for End-User Computing Event - VMware

Arrow ECS UK

Microsoft India - Technical Overview of Direct Access in Windows 7 and Window...

Microsoft Private Cloud

Microsoft Windows Server 2012 R2 Overview - Presented by Atidan

David J Rosenthal

W7 Enterprise

aralves

W7 for IT Professionals

guest632c73

Technical 201: Moving Enterprise Windows Workloads to AWS The cloud is the new norm for organizations of all sizes. In this session you will learn how to create an entire Microsoft Enterprise environment in AWS that includes AWS Active Directory Service, Simple System Management (SSM) service, MS Exchange and SharePoint. These will further integrate with new end user productivity services such as AWS WorkSpaces, AWS WorkDocs, and AWS WorkMail. Speaker: Dr Peter Stanski, Solutions Architect, Amazon Web Services

Moving Enterprise Windows Workloads to AWS

Amazon Web Services

Similar to Microsoft direct access (20)

V mware ssh orange its deck

IronNetworks-MCE-Appliance-Gateway-Datasheet

Moving Enterprise Windows Workloads to AWS – Peter Stanski

Building Enterprise Interoperability Applications Using Microsoft

Windows 7 For Itpro

Microsoft Azure : Hey ITPRo's Meet Azure .. .again!

azure track -03- it pros meet azure - again

0328apjcintrotothousandeyeswebinar-230328233735-4df10d7f.pdf

Introduction To ThousandEyes

Introduction to ThousandEyes

Bus Tour Windows 7 Deck (Full)

Microsoft .Net Framework 2 0

Introduction to ThousandEyes

Fy10 Software + Services Cloud Overview 2 of 4

New Horizons for End-User Computing Event - VMware

Microsoft India - Technical Overview of Direct Access in Windows 7 and Window...

Microsoft Windows Server 2012 R2 Overview - Presented by Atidan

W7 Enterprise

W7 for IT Professionals

Moving Enterprise Windows Workloads to AWS

Recently uploaded

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Paul Groth

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

Abida Shariff

Speed Wins: From Kafka to APIs in Minutes

confluent

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams. Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Jeffrey Haguewood

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Product School

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

Product School

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

Product School

How world-class product teams are winning in the AI era by CEO and Founder, P...

Product School

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

91mobiles

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

FIDO Alliance

Ever caught yourself nodding along when someone mentions "delivering value" in Agile, but secretly wondering what the heck they actually mean? You're not alone! Join us for an eye-opening session where we'll strip away the buzzwords and dive into the heart of Agile—value delivery. But what is "value"? Is it a mythical unicorn in the world of software development, or is there more to this overused term? This isn't going to be a sit-and-get lecture. We're talking about a face-to-face, interactive meetup where YOU play a crucial role. Come along to: Define It: What does "value" really mean? We’ll build a definition that’s not just words, but a compass for your Agile journey. Contextualise It: Discover what value means specifically to you, your team, your company, and your industry. Because one size does not fit all. Deliver It: Share strategies and gather new ones for uncovering and delivering true value—no more shooting in the dark!

Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx

David Michel

When stars align: studies in data quality, knowledge graphs, and machine lear...

Elena Simperl

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

FIDO Alliance

Welcome to UiPath Test Automation using UiPath Test Suite series part 2. In this session, we will cover API test automation along with a web automation demo. Topics covered: Test Automation introduction API Example of API automation Web automation demonstration Speaker Pathrudu Chintakayala, Associate Technical Architect @Yash and UiPath MVP Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

UiPath Test Automation using UiPath Test Suite series, part 2

DianaGray10

Knowledge engineering: from people to machines and back

Elena Simperl

In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring. Learn about: • The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks. • Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective. • Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification. • Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process. Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Inflectra

The Future of Platform Engineering

Jemma Hussein Allen

Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to: Create a campaign using Mailchimp with merge tags/fields Send an interactive Slack channel message (using buttons) Have the message received by managers and peers along with a test email for review But there’s more: In a second workflow supporting the same use case, you’ll see: Your campaign sent to target colleagues for approval If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team But—if the “Reject” button is pushed, colleagues will be alerted via Slack message Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors. And... Speakers: Akshay Agnihotri, Product Manager Charlie Greenberg, Host

Connector Corner: Automate dynamic content and events by pushing a button

DianaGray10

Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”. All of this illustrated with link prediction over knowledge graphs, but the argument is general.

Neuro-symbolic is not enough, we need neuro-*semantic*

Frank van Harmelen

Recently uploaded (20)

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

Speed Wins: From Kafka to APIs in Minutes

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

How world-class product teams are winning in the AI era by CEO and Founder, P...

FIDO Alliance Osaka Seminar: Overview.pdf

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx

When stars align: studies in data quality, knowledge graphs, and machine lear...

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

UiPath Test Automation using UiPath Test Suite series, part 2

Knowledge engineering: from people to machines and back

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

The Future of Platform Engineering

Connector Corner: Automate dynamic content and events by pushing a button

Neuro-symbolic is not enough, we need neuro-*semantic*

Microsoft direct access

1. Microsoft Direct Access Microsoft Server 2012 R2 HAIRER Martin

2. WHAT IS DIRECT ACCESS? THE CONCEPT COMPONENTS DEPLOYMENT

3. MS Direct Access Direct Access is the ultimate VPN solution that is one of the enablers for the New Way of Work Direct Access is always ON source: microsoft.com

4. MS Direct Access Seamless and Transparent Corporate Network connectivity for Managed Clients Remote Access source: microsoft.com

5. differences to VPN The DirectAccess client is always managed. The DirectAccess client is always serviceable. The DirectAccess client uses two separate tunnels to connect.

6. WHAT IS DIRECT ACCESS? THE CONCEPT COMPONENTS DEPLOYMENT

7. DA Overview Windows Clients Corporate Network Direct AccessVPN Public Network osX - Linux Clients iOS - Android

8. Bi-Directional Windows 7+ Corporate NetworkPublic Network Management Data/Application

9. CONCEPT DirectAccess extends the network to the remote computer and user based on End to End IPv6 source: microsoft.com

10. WHAT IS DIRECT ACCESS? THE CONCEPT COMPONENTS DEPLOYMENT

11. COMPONENTS Windows Server 2012 R2 Windows 7/8/10 (domain joined) IPv6 and IPsec Active Directory and   Group Policy

12. DA COMPONENTS Certificates   (PKI) Network Location Server DNS64/NAT64 Name Resolution Policy Table Windows Firewall  Advanced Security

13. WHAT IS DIRECT ACCESS? THE CONCEPT COMPONENTS DEPLOYMENT

14. DEPLOYMENT Public Network Corporate Network IPv4 Network DNS64 NAT64 6to4 tunnel Teredo tunnel IPHTTTPS tunnel IPv4 ISATAP Native IPv6

15. DEPLOYMENT Enable IPv6 internally Network Location Server Client Groups Firewall Settings on Clients Certiﬁcate Auto Enrollment Direct Access Server

16. DEMO

17. source: https://directaccessguide.files.wordpress.com/2014/03/setupwizard.jpg

18. source: https://robertpearman.files.wordpress.com/2012/10/da21_thumb.png?w=644&h=464

19. source: http://tr1.cbsistatic.com/hub/i/2015/05/07/afbeaa30-f4aa-11e4-940f-14feb5cc3d2a/fig-e-ram-console.jpg

20. source: https://techontip.files.wordpress.com/2013/03/031013_1145_windows20123.png

21. source: https://msdirectaccess.files.wordpress.com/2015/01/directaccess_ad_sites_subnet_031.png

22. THX

Microsoft direct access

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Microsoft direct access

Similar to Microsoft direct access (20)

Recently uploaded

Recently uploaded (20)

Microsoft direct access