I attended an internal Microsoft conference in Atlanta last week and need to catch a flight to Seattle for a training session this morning. Delta was providing onboard Wi-Fi internet access on the flight so I was willing to pay $12 to give it a try……I am a geek after all Having access to email and web was great on the flight and allowed me to be productive on the 5 hour flight. Once the Wi-Fi was connected, I of course wanted to connect to link in an email message to a SharePoint site from a inside Microsoft. This was available to me securely and with no user intervention (VPN login, smart card, etc) as my Windows 7 laptop has DirectAccess enabled.
For those who have not seen me present on Direct Access in the past, DirectAccess in my opinion is the single greatest innovation we have added to the Windows platform in the last 5 years. Why when we have added so many great features and security enhancements across the Windows Server and Client? Well simply put, it makes everyone’s life with a corporate computer easier.
Enhance mobility and manageability with DirectAccess
Working outside the office is easier than ever. DirectAccess in Windows 7 and Windows Server 2008 R2 enhances the productivity of mobile workers by connecting them seamlessly and more securely to their corporate network any time they have Internet access—without the need to VPN. When your IT department enables DirectAccess, the corporate network’s file shares, intranet websites, and line-of-business applications remain accessible wherever you have an Internet connection.
Manage remote machines more effectively. Flexibility gives IT the opportunity to service remote machines on a regular basis and ensure that mobile users stay up to date with company policies. With DirectAccess, IT administrators can manage mobile computers by updating Group Policy settings and distributing software updates any time the mobile computer has Internet connectivity, even if the user is not logged on.
Enhance security and access control. To keep data safer as it travels public networks, DirectAccess uses IPv6-over-IPsec to encrypt communications transmitted across the Internet. DirectAccess is designed to reduce unnecessary traffic on the corporate network by sending only traffic destined for the corporate network through the DirectAccess server (running Windows Server 2008 R2), or the administrator can choose to send all traffic through the corporate network. In addition to authenticating the computer, DirectAccess can also authenticate the user and supports multifactor authentication, such as a smart card. IT administrators can configure which intranet resources specific users can access using DirectAccess.
If you want more information, here is some documentation on what you need. Basic requirements: