Security Considerations for DirectAccess Deployments

DirectAccess is a compelling remote access solution for managed Windows clients. It delivers exceptionally secure remote corporate network connectivity, while at the same time improving the security posture of field-based devices. Implementing DirectAccess involves design choices with security implications. However, many organizations lack clear, concise guidance with regard to DirectAccess security features and configurations.


To address this need, Celestix has made available a whitepaper entitled “Security Considerations for DirectAccess securityDeployments”. This whitepaper includes a brief introduction of DirectAccess, along with a detailed description of the connection and authentication of a DirectAccess client session. It delivers information about network deployment options and additional security configuration choices that can further enhance the overall security of the solution. It also provides a comparison of DirectAccess with traditional client-based VPN. In addition, the paper addresses the challenges of split tunneling and lost or stolen devices, and concludes with a review of the feature and security enhancements that are part of the Celestix E Series appliance platform that delivers DirectAccess.



DirectAccess is commonly deployed to reduce the pain associated with traditional client-based VPN and to simplify the user experience to improve productivity for remote workers. It provides seamless and transparent remote corporate network connectivity for managed Windows clients. DirectAccess is always on, which allows for more effective management of remote Windows devices, resulting in significantly improved client security posture.


A DirectAccess solution is made up of Windows platform technologies. It leverages mature, well understood security technologies like Active Directory and IPsec, as well as industry standard protocols like digital certificates, Kerberos, and AES encryption. To better understand the security ramifications for a DirectAccess deployment, download our whitepaper today. If you would like to know more about our E Series Cloud Edge Security Appliance for DirectAccess, please email [email protected] or call 510.668.0700.

more blogs