Mapping Your Deployment Goals to a DirectAccess Design
Applies To: Windows 7, Windows Server 2008 R2
Important
This topic describes design considerations for DirectAccess in Windows Server 2008 R2. For the design considerations of DirectAccess in Microsoft Forefront Unified Access Gateway (UAG), see the Forefront UAG DirectAccess Design Guide (https://go.microsoft.com/fwlink/?LinkId=179988).
After you have reviewed the DirectAccess deployment goals and determined which are appropriate for your organization, you can map those goals to a specific design.
The following table shows how well the DirectAccess designs meet the deployment goals discussed in Identifying Your DirectAccess Deployment Goals.
| DirectAccess deployment goal | DirectAccess elements or features |
|---|---|
Transparent and automatic remote access for DirectAccess clients |
Functionality in the DirectAccess server and clients |
Ongoing management of remote DirectAccess clients |
Bidirectional connections whenever the computer is connected to the Internet |
Efficient routing of intranet and Internet traffic |
Use of the Name Resolution Policy Table (NRPT) and Internet Protocol version 6 (IPv6) to separate Internet and intranet traffic |
Reduction of remote access-based servers in your edge network |
Access to intranet resources through the DirectAccess server |
End-to-end traffic protection |
The selected server and end-to-end access models |
Multi-factor credentials for intranet access |
Smart card authorization on the intranet tunnel |