DirectAccess allows remote users to securely access internal network file shares, Web sites, and applications without connecting to a virtual private network (VPN). An internal network is also known as a private network or intranet. DirectAccess establishes bi-directional connectivity with an internal network every time a DirectAccess-enabled computer connects to the Internet, even before the user logs on. Users never have to think about connecting to the internal network and IT administrators can manage remote computers outside the office, even when the computers are not connected to the VPN.
You can use the DirectAccess Management Console to set up a DirectAccess infrastructure by performing the following tasks:
- Specify the client computers that can use
DirectAccess by selecting the security groups to which they
belong
- Configure the network adapters on the
DirectAccess server that are connected to your internal network and
the Internet and the certificates that you want to use for
authentication
- Configure the location of an internal Web
site so that DirectAccess client computers can determine when they
are located on the internal network
- Configure the Domain Name Service (DNS) names
that must be resolved by internal network DNS servers
- Identify infrastructure servers (network
location, DNS, and management servers)
- Identify application servers for optional
authentication
When you monitor DirectAccess, use the DirectAccess Management Console to determine the state of DirectAccess components that are running on the server.
Additional references
Understanding DirectAccess Components
Understanding DirectAccess Deployment Models
For more information, see the DirectAccess home page on Microsoft Technet (http://go.microsoft.com/fwlink/?LinkID=142598).