Ever since Windows 7 was launched, I’ve had a steady stream of people asking me if I know of schools who have implemented Direct Access.
Direct Access allows you to setup your staff laptops so that teachers can always have secure access to your school network wherever they are, but without forcing them to use a VPN connection. There are a number of benefits for schools & staff: Unlike a VPN connection, it only reroutes some network access through the school network connection, not all Internet access. Which means it doesn’t slow down or filter normal Internet access at home from the laptop. It is transparent to the user – so they just access a network share or VLE folder as they normally would, just as if they are in school. It can be used with two-factor security (eg a smartcard) so that it meets Becta’s requirements for remote access to sensitive MIS data It minimises the amount of sensitive data that your teachers put on their laptop. This could save you getting into hot water with the Information Commissioner’s Office if a laptop goes missing.
Direct Access allows you to setup your staff laptops so that teachers can always have secure access to your school network wherever they are, but without forcing them to use a VPN connection. There are a number of benefits for schools & staff:
Although I use it myself (and as a user, I’m a big fan of it, because VPN access used to be slow, and I’d avoid VPN’ing as much as possible) I don’t know of any schools that have implemented it fully.
So I thought that perhaps I should share some resources to help people who are experimenting.
There’s a 2 minute video demonstration of it which you can download, which shows how very simple it is for the user.
View the TechNet Direct Access webcast home page
In this webcast, John Baker from the TechNet team focuses on the Direct Access feature in the Windows 7 operating system, which provides secure anywhere access on the network. We explore how Direct Access makes it easier for IT professionals to manage the network infrastructure and how it helps reduces IT costs. We also discuss how Direct Access works and how to set up and configure Direct Access in the network infrastructure. The session includes demonstrations on how to setup and configure Direct Access on Windows 7-based clients and the Windows Server 2008 R2 operating system.
There’s a whitepaper, called (takes deep breath) “Windows 7 and Windows Server 2008 R2 Networking Enhancements for Enterprises” which takes a detailed look at new networking technologies in Windows 7 and Windows Server 2008 R2, with particular emphasis on enhancements to improve connectivity for a mobile workforce. New features and enhancments including DirectAccess, BranchCache, VPN Reconnect, mobile broadband device support, URL-based QoS, DNSSEC, and support for green computing.
There’s a lot of technical details on Direct Access (and a lot of acronyms like IPv6, IPsec and 56-bit key encryption) on page 5-6 of this whitepaper
The TechNet site has a growing series of Infrastructure Planning and Design Guides for all kinds of areas – virtualisation, Windows Server 2008, SQL Server, Online Services and the Optimised Desktop. The one that’s relevant is the IPD Guide for DirectAccess in Windows 7.
Head to the TechNet Direct Access page, for a big bundle of further documents and information that will help.
And if you’ve implemented it in a school, then drop me a line or add a comment, to share your story.