What is Microsoft Always On VPN?
The official name of AutoVPN is Always-on VPN profile. It is a client-side technology that requires existing VPN solution in place like Cisco AnyConnect. It allows you to configure connection profiles that can connect automatically. AutoVPN requires either an Intune subscription or System Center Configuration Manager to configure.
Now, you are able to deploy Celestix SecureAccess Virtual Appliance or Physical Appliance as an Always On VPN server
Celestix SecureAccess vs. Generic Microsoft Windows Server 201x White Box
Organizations may wonder whether an appliance provides worthwhile advantages over deploying a generic Windows Server 2012 R2/2016 white box. While Server 201x offers a host of connectivity features, most companies don’t have specialized or in-depth knowledge regarding best configuration practices for the features that are now included. To help IT departments handle an ever-increasing scope of services, reducing complexity while maintaining security is essential to advance organizational goals.
Celestix strives to deliver high value to our customers. Our appliances save installation time, ease configuration tasks, and reduce licensing costs. They are hardened for security and undergo extensive, purpose-specific testing. Celestix also adds functionality not available in standard Server 201x deployments. Imminent product releases will provide a wealth of additional features that will continue to return on connectivity investments.
Why Celestix SecureAccess VPN?
Deploying complex connectivity customizations without specific experience or with limited time actually, increases the Organizational risk for information security. The Celestix SecureAccess appliance provides a more secure, cost-efficient deployment option.
Setup Simplicity
Administrators can configure the IP address, subnet mask, default gateway, and static routes in minutes, without the need for a keyboard, mouse, or monitor. The platform also features a compact appliance form factor, allowing our devices to be mounted in any standard 19” equipment rack. Hardware-integrated disaster recovery is also included.
Centralized Administration
The SecureAccess includes the new Comet 2.0 web user interface (web UI). The web UI centralizes general Windows Server administration and Remote Access (RA) configuration, so administrators can go to one place to customize the deployment. One-click installation for several RA features relieves the tedious task of installing features one by one. Administrative efficiency can offset appliance costs by saving IT staff hours.
Tuned Hardware
Our hardware has undergone extensive testing and minimizes the attack surface by engineering just the services and applications that are necessary for security and connectivity. Hardware is hardened based on expertise gained through years of experience in networking security.
Access Multiplicity
Every Organization is different, there is no one size fits all scheme for remote access. The SecureAccess provides for multiple access scenarios and the supporting functions they require. Secure access strategies can include managed/unmanaged devices, application publishing, and facilitation for public and private cloud connectivity.
Expanded Functionality
The SecureAccess improves upon current Server 2012 functionality with exclusive features. Reporting, alerting, and monitoring tools both simplify daily management and support compliance requirements. Real-time connection management provides greater control over user access to resources.
Future Ready
Future enhancements can be added through updates to both Remote Access and the Comet platform. Examples include virtualization, SSO enhancements, and forms-based authentication. By allowing Organizations to leverage new features, the SecureAccess continues to provide value for the investment.
As of today, Microsoft has not announced the End of Life of DirectAccess. It is currently available in Windows Server 2016 Operating Systems. Based on Microsoft’s standard product life cycle, DirectAccess will be available and supported for many years to come.
Comparison Chart
Microsoft Direct Access |
Celestix SecureAccess |
Microsoft Always On VPN |
|
| Type | Software Server based | Appliance or Virtual Appliance based | Client-side only. Supports RRAS, or any VPN servers. |
| Management Tool | Windows Server 2012 R2/Windows Server 2016 | Celestix Comet Web UI | Microsoft SCCM/Intune |
| Delivery | Software | Physical and virtual appliance Amazon Web Services |
Software client only, it requires an existing VPN server deployed. |
| Supported client | Windows 7,8,10 Enterprise only |
Any Windows edition and Mac OSX |
Windows 10 only |
| Protocols Supported |
DA Transition Protocol along with Traditional protocol |
DA Transition Protocol along with Traditional protocol |
L2TP, SSTP, IKE |
| Prerequisites | Domain Join | Domain Join or Non-domain joined for Secure Access | – Domain Join or managed by Microsoft Intune.
– Window 10 Anniversary Update – Have successfully logged in using either corporate |
| Methods of Authentication supported |
Domain Authentication / Radius / Certificate |
Domain Authentication / Radius / Certificate |
– Domain Authentication / Certificate
– Windows Hello |
| Settings delivery | Distributed to the client via Group Policy |
Distributed to the client via Group Policy, Secure Access Offline or SCCM |
Via Intune |
| Reporting | Basic | Enhanced | Not applicable |
| Device Management | No | Yes | Via Intune |
| Hardened OS | No | Yes | Not applicable |
