Using Windows 7 DirectAccess to connect staff to your university network securely

Ever since Windows 7 was launched, I’ve had a steady stream of people asking me if I know of educational establishments who have implemented DirectAccess.

DirectAccess allows you to setup your staff laptops so that they can always have secure access to your university network wherever they are, but without forcing them to use a VPN connection. There are a number of benefits for universities and staff:

  • Unlike a VPN connection, it only reroutes some network access through your network connection, not all Internet access. Which means it doesn’t slow down or filter normal Internet access at home from the laptop.
  • It is transparent to the user – so they just access a network share or VLE folder as they normally would, just as if they are on campus.
  • It can be used with two-factor security (eg a smartcard) so that it meets Cabinet Office guidance on information security on remote access to sensitive student data
  • It minimises the amount of sensitive data that your staff put on their laptop. This could save you getting into hot water with the Information Commissioner’s Office if a laptop goes missing.
  • You can manage your laptops through policies, even if they are rarely connected to your campus network

Although I use it myself (and as a user, I’m a big fan of it, because VPN access used to be slow, and I’d avoid VPN’ing as much as possible) I don’t know of any universities that have implemented it fully.

So I thought that perhaps I should share some resources to help people who are experimenting.

A short video introduction to DirectAccess

There’s a 2 minute video demonstration of it which you can download, which shows how very simple it is for the user.

DirectAccess webcast


View the TechNet DirectAccess webcast home page

In this webcast, John Baker from the TechNet team focuses on the DirectAccess feature in the Windows 7 operating system, which provides secure anywhere access on the network. We explore how DirectAccess makes it easier for IT professionals to manage the network infrastructure and how it helps reduces IT costs. We also discuss how DirectAccess works and how to set up and configure DirectAccess in the network infrastructure. The session includes demonstrations on how to setup and configure DirectAccess on Windows 7-based clients and the Windows Server 2008 R2 operating system.

Networking Enhancements Whitepaper

There’s a whitepaper, called (takes deep breath) “Windows 7 and Windows Server 2008 R2 Networking Enhancements for Enterprises” which takes a detailed look at new networking technologies in Windows 7 and Windows Server 2008 R2, with particular emphasis on enhancements to improve connectivity for a mobile workforce. New features and enhancments including DirectAccess, BranchCache, VPN Reconnect, mobile broadband device support, URL-based QoS, DNSSEC, and support for green computing.

There’s a lot of technical details on DirectAccess (and a lot of acronyms like IPv6, IPsec and 56-bit key encryption) on page 5-6 of this whitepaper

Infrastructure and Planning Guide for DirectAccess

The TechNet site has a growing series of Infrastructure Planning and Design Guides for all kinds of areas – virtualisation, Windows Server 2008, SQL Server, Online Services and the Optimised Desktop. The one that’s relevant is the IPD Guide for DirectAccess in Windows 7.

Want more on DirectAccess?

Head to the TechNet DirectAccess page, for a big bundle of further documents and information that will help.

And if you’ve implemented it in your university, then drop me a line or add a comment, to share your story.

Comments (1)

  1. Office Administration says:

    How do i enable directaccess on windows 7

Skip to main content