Windows Server 2008 R2 introduced DirectAccess, a new remote access feature that allows connectivity to corporate network resources without the need for traditional Virtual Private Network (VPN) connections.
Windows Server 2012 combines the DirectAccess feature and the RRAS role service into a new unified server role. This new Remote Access server role allows for centralized administration, configuration, and monitoring of both DirectAccess and VPN-based remote access services. Additionally, Windows Server 2012 DirectAccess provides multiple updates and improvements to address deployment blockers and provide simplified management. This course will cover different deployment options and implementation details to illustrate the capabilities of DirectAccess with Windows Server 2012 and Windows 8 Clients.
Windows Server 2012 DirectAccess includes features to facilitate deployment, particularly for small and medium size organizations. These new features include a simplified prerequisite list, removal of the need for a full PKI deployment, integrated certificate provisioning, and removal of the requirement for two consecutive public IPv4 addresses. Administrators can now deploy DirectAccess using a new Getting Started Wizard, which presents a greatly simplified configuration experience. The Getting Started Wizard masks the complexity of DirectAccess, and allows for an automated setup in a few simple steps. The administrator no longer requires an understanding of the technical details of IPv6 transition technologies and Network Location Server (NLS) deployment.
In this module, you will learn about the key components that are involved in a DirectAccess Deployment with Windows Server 2012. Some of the Components are: Network Location Server(NLS), Name Resolution Policy Table (NRPT), NAT64/DNS64 Support, IPSEC Tunnels, and NAT support. This Module also demonstrates a single server DirectAccess deployment where intranet resources are available through IPv4 only.
Windows Server 2012 DirectAccess provides the ability to configure a Network Access Protection (NAP) health check directly through the setup user interface. This feature automates the policy modifications needed for NAP integration. NAP health check enforcement can be enabled from the Remote Access Setup Wizard. In this module, we will demonstrate the implementation of NAP on an existing DirectAccess deployment.
DirectAccess deployments have quickly grown beyond the point where a single server can provide adequate processing power. Enterprises need the flexibility to deploy additional servers quickly and transparently to meet changing load requirements. Windows Server 2012 DirectAccess addresses these issues through built-in support for Windows Network Load Balancing (NLB) to achieve high availability and scalability for both DirectAccess and RRAS. The NLB configuration is simple to setup and automate through the new deployment wizard interface. The setup process also provides integrated support for third party external hardware-based load balancer solutions. In this module, we will configure NLB support for DirectAccess deployment.
Windows Server 2012 DirectAccess provides a solution that allows for deployment of multiple DirectAccess entry points across geographic locations, and allows clients regardless of their physical location to access resources within corpnet in an efficient manner. Windows Server 2012 Remote Access servers can be configured in a multisite deployment that allows remote users in dispersed geographical locations, or in the same geographic location for business continuity reasons, to connect to the multisite entry point closest to them. DirectAccess clients determine the nearest DirectAccess server based on the round trip time for the connection. In this module, we will configure MultiSite support for DirectAccess.