Forefront UAG DirectAccess is a new solution that provides users with the same experience working remotely as they would have when working in the office. With DirectAccess, remote users can access corporate file shares, Web sites, and applications, without connecting to a virtual private network (VPN).
Forefront UAG DirectAccess establishes bi-directional connectivity with the user’s enterprise network every time the user’s DirectAccess-enabled portable computer is connected to the Internet, even before the user logs on. When using Forefront UAG DirectAccess, users never need to think about whether they are connected to the corporate network. Forefront UAG DirectAccess also benefits IT by allowing network administrators to manage remote computers outside of the office, even when these computers are not connected to a VPN. Forefront UAG DirectAccess enables organizations with regulatory concerns to extend regulatory compliance to roaming computer assets.
The following topics summarize the benefits of Forefront UAG DirectAccess, describe how it works, and explain what is required to deploy it in your organization:
- Benefits of Forefront UAG DirectAccess
- Needs and challenges
- Key Forefront UAG DirectAccess elements and requirements
- Connections and tunnels
- Connection process
- Separating Internet and intranet traffic
- Using IPsec
- Client authentication
- Extending IPsec policies to selected application servers
- Using IPv6 with Forefront UAG DirectAccess
- Using transition technologies
- Network location server
- Certificate revocation checking
- Using DNS with Forefront UAG DirectAccess
- Using integrated NAT64 and DNS64 with Forefront UAG DirectAccess
- Forefront UAG DirectAccess load balancing
- Using Network Access Protection (NAP) with Forefront UAG DirectAccess
- Additional references