+ Post New Thread
Page 3 of 8 FirstFirst 1234567 ... LastLast
Results 31 to 45 of 113
How do you do....it? Thread, School Remote Access - How do you do it? in Technical; DirectAccess works amasingly well at our school. But it did take me 8 months of hard work and 50 reinstalls ...
  1. #31

    Join Date
    Jan 2012
    Location
    Gillingham
    Posts
    27
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    6
    DirectAccess works amasingly well at our school. But it did take me 8 months of hard work and 50 reinstalls to finally figure out how to get around the NAT issue. You do need someone like me with microsoft qualifications to understand how to do it. And once its up and running don't mess with it unless you know what you are doing because once its broke its broke and your looking at a total reinstall.
    I have even ran a sims upgrade from home (took an hour because sims upgrades are nearlly 500mb) but it worked. It is also the only solution where if you are downloading something and move to another access point it will continue the download without cancelling it.
    We can now also filter users internet from home. <-- very important as you could imagine.

  2. #32

    m25man's Avatar
    Join Date
    Oct 2005
    Location
    Romford, Essex
    Posts
    1,635
    Thank Post
    49
    Thanked 463 Times in 338 Posts
    Rep Power
    140
    Quote Originally Posted by ScottLogan View Post
    DirectAccess works amasingly well at our school. But it did take me 8 months of hard work and 50 reinstalls to finally figure out how to get around the NAT issue. You do need someone like me with microsoft qualifications to understand how to do it. And once its up and running don't mess with it unless you know what you are doing because once its broke its broke and your looking at a total reinstall.
    I have even ran a sims upgrade from home (took an hour because sims upgrades are nearlly 500mb) but it worked. It is also the only solution where if you are downloading something and move to another access point it will continue the download without cancelling it.
    We can now also filter users internet from home. <-- very important as you could imagine.
    Well I guess that says it all, my Sonicwall SRA's install in less than 30 minutes with no NAT issues at all.

    I must be doing it all wrong, if I have a spare 8 months I might have to give it a try

  3. #33

    Join Date
    Jan 2012
    Location
    Gillingham
    Posts
    27
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    6
    Sonicwall is a VPN connection. DirectAccess is 10 times better. The reason no schools except directly connected to internet schools are not using DirectAccess is because it does not work behind NAT's. I am the only person who knows how to fix it. Thats the reason it took me so long to set it up. For our school to go directly on the internet was a big no no. I don't have the time to do all my own firewalling, filtering etc.
    Here are some reasons schools want this;
    Some users find it difficult to understand how VPN's work and so don't use them so they miss out of features they could use. With DirectAccess it is always on, the user has to do nothing.
    Directaccess works through all firewalls because the last tunnel that it could setup instead of Teredo is HTTPS. So you can support every home users routers.
    DirectAccess will log the user on to your internal intranet.
    The user gets the same internet filters at home as they would at work.
    It can be years before IT will see the laptop again and in some situations when a laptop finally goes back on the network that user could lose all their work becuase GPO's have changed so much. With DirectAccess all laptops will always be up to date with settings.
    Because users save work to a mapped drive on a server when the laptop breaks the user will not lose anywork and IT don't have to spend weeks trying to get the stuff back.
    The schools current infrastructure does not have to change in anyway. IPv4 is supported.
    All network programs work at home so IT do not need to spend time installing it on every laptop.
    combining it with RemoteApp users could get up to date programs instantly without having to install the program and will run in a resizeable window on the users computer. Imagine running one sims update on one server and every single user has the update instantly no matter where they are in the world.
    Connections are much faster over Teredo than VPN's
    The list honestly goes on and on

    Advantages of Direct Access (copied and pasted off the internet)

    User doesn’t have to establish the connection
    User doesn’t have to reconnect if the Internet connection breaks
    Group Policy settings get active before user logs on
    Users can log on to Active Directory, just like in the intranet
    Works together with NAP (Network Access Protection) and NAC (Network Access Control) solutions
    Communication to the corporate network is encrypted with IPsec

  4. Thanks to ScottLogan from:

    tj2419 (31st January 2012)

  5. #34

    Join Date
    May 2011
    Location
    United Kingdom
    Posts
    509
    Thank Post
    125
    Thanked 18 Times in 18 Posts
    Rep Power
    11
    Quote Originally Posted by ScottLogan View Post
    Sonicwall is a VPN connection. DirectAccess is 10 times better. The reason no schools except directly connected to internet schools are not using DirectAccess is because it does not work behind NAT's. I am the only person who knows how to fix it. Thats the reason it took me so long to set it up. For our school to go directly on the internet was a big no no. I don't have the time to do all my own firewalling, filtering etc.
    Here are some reasons schools want this;
    Some users find it difficult to understand how VPN's work and so don't use them so they miss out of features they could use. With DirectAccess it is always on, the user has to do nothing.
    Directaccess works through all firewalls because the last tunnel that it could setup instead of Teredo is HTTPS. So you can support every home users routers.
    DirectAccess will log the user on to your internal intranet.
    The user gets the same internet filters at home as they would at work.
    It can be years before IT will see the laptop again and in some situations when a laptop finally goes back on the network that user could lose all their work becuase GPO's have changed so much. With DirectAccess all laptops will always be up to date with settings.
    Because users save work to a mapped drive on a server when the laptop breaks the user will not lose anywork and IT don't have to spend weeks trying to get the stuff back.
    The schools current infrastructure does not have to change in anyway. IPv4 is supported.
    All network programs work at home so IT do not need to spend time installing it on every laptop.
    combining it with RemoteApp users could get up to date programs instantly without having to install the program and will run in a resizeable window on the users computer. Imagine running one sims update on one server and every single user has the update instantly no matter where they are in the world.
    Connections are much faster over Teredo than VPN's
    The list honestly goes on and on

    Advantages of Direct Access (copied and pasted off the internet)

    User doesn’t have to establish the connection
    User doesn’t have to reconnect if the Internet connection breaks
    Group Policy settings get active before user logs on
    Users can log on to Active Directory, just like in the intranet
    Works together with NAP (Network Access Protection) and NAC (Network Access Control) solutions
    Communication to the corporate network is encrypted with IPsec
    Sorry for some basic questions here this is all new to me.

    1. Does DirectAccess only work with server 2008 and windows 7 (Enterprise & Ultimate ONLY)?
    2. With direct access and remote app are you able to access file shares and school applications over the internet?
    3. Anyone know of a good guide for setting all this up?
    3. Do you pay for extra licenses for the applications?
    4. NAT?

    Thanks Guys

  6. #35

    m25man's Avatar
    Join Date
    Oct 2005
    Location
    Romford, Essex
    Posts
    1,635
    Thank Post
    49
    Thanked 463 Times in 338 Posts
    Rep Power
    140
    @scottlogan - Your evangelism for the solution is to be commended and clearly you have put your heart and soul into it and I dare say from what I have read it has some benefits however you appear to have overlooked a couple of things the most important being that Direct Access is built on Server 2008R2 and Windows 7....

    What do the Mac users and IOS devices use?

    I have a free App on my iPad and with one click I'm managing any of the sites that I'm responsible for from anywhere over 3G can I do this with DA?

    http://www.lifeintech.com/blog/2010/...ectaccess.html
    Last edited by m25man; 31st January 2012 at 09:49 PM.

  7. Thanks to m25man from:

    Wolfman (1st February 2012)

  8. #36

    Join Date
    May 2011
    Location
    United Kingdom
    Posts
    509
    Thank Post
    125
    Thanked 18 Times in 18 Posts
    Rep Power
    11
    Has anyone implemented or know roughly how much a citrix solution would cost for 100 concurrent users? Thanks

  9. #37

    Join Date
    Jan 2012
    Location
    Gillingham
    Posts
    27
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    6
    if your laptop has an internet connection it is connected to your site automatically. The two tunnels you can use are Teredo (3544) and HTTPS (443) so if any device between you and the server blocks port 3544 it will switch to 443 which is very unlikly will ever be blocked so you don't have any support calls coming in saying it does not connect.
    according to this article yes mac's are supported. We don't use them Microsoft Forefront Unified Access Gateway - Wikipedia, the free encyclopedia
    1. Does DirectAccess only work with server 2008 and windows 7 (Enterprise & Ultimate ONLY)?
    You need 2008 enterprise server with CA role, 2008R2 UAG server and windows 7 Enterprise or Ultimate ONLY clients. Profressional and below don't support it. your other servers do not need to be 2008R2. You do not need to have IPv6 either it works in an IPv4 environment.
    2. With direct access and remote app are you able to access file shares and school applications over the internet?
    Yes imagin it this way. pick up your work computer, take it home and still have access to everything you normanly do without pressing a button. Then ring your IT guys get them to install a new piece of software and then instantly get it at home without having to install it. It will run just like it would if its actually installed on your PC
    3. Anyone know of a good guide for setting all this up?
    google for forefront uag directaccess white papers. But note it is setup slightly differently if your behind a nat and my solution is completly unique.
    3. Do you pay for extra licenses for the applications?
    yes you nornmanly add it to your microsoft licence agreement or just buy 2008r2 server licence.
    4. NAT?
    Network address translation. If you don't have a direct connection to the internet you are probably behind a NAT. For example we are connected to Updata's network and SWGFL.

  10. Thanks to ScottLogan from:

    tj2419 (31st January 2012)

  11. #38

    m25man's Avatar
    Join Date
    Oct 2005
    Location
    Romford, Essex
    Posts
    1,635
    Thank Post
    49
    Thanked 463 Times in 338 Posts
    Rep Power
    140
    The more I look at DA the less I find attractive about it.

    For every good point there seems to be an equally bad one.
    Microsoft UAG is for all intent and purpose is a replacement for ISA Server which was the sledgehammer to smash all walnuts and it seems that the agenda hasn't changed that much.
    As with so many Microsoft Products they seem to be perfect if you happen to be the Consoto Coffee Company but 1200 users on 500 desktops in a state secondary I don't think so.

    An SRA 1200 is about £1500 with 3yrs maintenance the 4200 is about £4k the Virtual Appliance is a lot less.

    User logs in over 443 to a custom portal and reverse proxy gives access to exactly what resources have been defined for them.
    If you need VPN the device will terminate the tunnel and allow full access to the LAN, tunnel all mode forces the remote client to route Internet access through the school gateway.

    Dont get me wrong the transparency of DA to the end user is a fantastic feature but remote access to school is about delivering secure access to school resources from virtually any device anywhere.

    DA and USG is clearly a corporate client solution that doesn't address any of these issues, as such the claim that it 10 times better is a rather unfounded statement.

    When your school is snow bound and the staff need to access the network from their home PC's any one of the commercially available solutions would work whereas DA would only be able to provide a handful of pre defined corporately configured laptops to have access.

    That isn't actually a solution it's a problem!
    I would love to hear from others who have chosen to deploy DA and USG as their Schools RA Solution. I guess if everyone else can get what they need from the VLE then a hand full of SLT can be issued with locked down laptops and DA will do nicely, but there is our sledgehammer and nut scenario....

    I also found this well balanced article about its strengths and weaknesses , http://blogs.catapultsystems.com/IT/...s-and-uag.aspx
    Last edited by m25man; 1st February 2012 at 12:35 AM.

  12. #39

    Join Date
    Jan 2012
    Location
    Gillingham
    Posts
    27
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    6
    It looks unatractive to you because you have an already established connection that you are happy with and solves all your problems. Why would you want to change. If it isn't broke don't fix it. Yes this isn't going to be for everyone. But you are also missing the main masive feature enhancements over your typical VPN connections that i have already stated. As for the price it could be as little as the cost of a 2008r2 enterprise licence. It just depends what you already have onsite.
    "Microsoft UAG is for all intent and purpose is a replacement for ISA Server which was the sledgehammer to smash all walnuts and it seems that the agenda hasn't changed that much."
    Not sure what you mean by this? Uag has ISA Server built in but it has nothing to do with you having to use ISA for anything. Its simply there to build the connection from server to client.
    "As with so many Microsoft Products they seem to be perfect if you happen to be the Consoto Coffee Company but 1200 users on 500 desktops in a state secondary I don't think so."
    No this is an external feature and you are most likly only to deploy to your staff. Here we have 200.
    "Dont get me wrong the transparency of DA to the end user is a fantastic feature but remote access to school is about delivering secure access to school resources from virtually any device anywhere."
    DirectAccess uses IPSec encryption. it is more secure than any VPN connection. You can also attach mobile phones to it.
    "When your school is snow bound and the staff need to access the network from their home PC's any one of the commercially available solutions would work whereas DA would only be able to provide a handful of pre defined corporately configured laptops to have access."
    All our staff have laptops from the school. A contingency plan to say if snow is expected take your laptops home will solve that. (but do you really think there will be that many people wanting to work when they can play in the snow with their kids?)
    Yes i have read that very good article and to quote from it here is another enhancement over VPN's - Teredo technology, its much faster.
    Teredo DirectAccess 3.39 Mbits/sec
    IP-HTTPS DirectAccess 1.37 Mbits/sec
    PPTP (Watchguard x1250e) 2.87 Mbits/sec
    6to4 DirectAccess n/a*

    Anyway the main point is thus - Most schools are on NAT's so have never had the opertunity to look at DirectAccess. Now that i have the ability to make it work when the server is behind a NAT schools now have the option. If schools want to use what you have suggested then fine its down to what that school wants and needs. everyone is different.

  13. #40

    Join Date
    Jan 2012
    Posts
    170
    Thank Post
    8
    Thanked 16 Times in 15 Posts
    Rep Power
    37
    what are the options available to those who haven't gone down the schools/EES licensing agreement, as far as getting Windows 7 Enterprise so as to try those 'Ent' specific features like DirectAccess ? Either in small scale deployments or a working evaluation.

  14. #41

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,885
    Thank Post
    518
    Thanked 2,489 Times in 1,930 Posts
    Blog Entries
    24
    Rep Power
    839
    Quote Originally Posted by ScottLogan View Post
    Sonicwall is a VPN connection. DirectAccess is 10 times better. The reason no schools except directly connected to internet schools are not using DirectAccess is because it does not work behind NAT's. I am the only person who knows how to fix it. Thats the reason it took me so long to set it up. For our school to go directly on the internet was a big no no. I don't have the time to do all my own firewalling, filtering etc.
    To be blunt, please write up how you did this so that others can do it. Its no use to anyone else if you simply say you can do it and leave it at that!

    Here are some reasons schools want this;
    Some users find it difficult to understand how VPN's work and so don't use them so they miss out of features they could use. With DirectAccess it is always on, the user has to do nothing.
    A lack of training does not get resolved via technology in my experience. The solution to a lack of understanding is better training.

    Directaccess works through all firewalls because the last tunnel that it could setup instead of Teredo is HTTPS. So you can support every home users routers.
    SSL VPNs are HTTPS. IPSec works across every single home router I've ever come across - both are standards used in VPNs. Nothing special there.

    DirectAccess will log the user on to your internal intranet.
    As will a VPN.

    The user gets the same internet filters at home as they would at work.
    Same on a VPN.

    It can be years before IT will see the laptop again and in some situations when a laptop finally goes back on the network that user could lose all their work becuase GPO's have changed so much. With DirectAccess all laptops will always be up to date with settings.
    I don't know what kind of school you work in where laptops disappear for years, but that is simply not the case in every school I've ever been to, near or worked with. If staff aren't bringing their laptops in for work to be done on them, then that is a management issue, not a technical one.

    Because users save work to a mapped drive on a server when the laptop breaks the user will not lose anywork and IT don't have to spend weeks trying to get the stuff back.
    Same with a VPN.

    The schools current infrastructure does not have to change in anyway. IPv4 is supported.
    Nor does it with a VPN - just stick an appliance in, plug it in and NAT it across via your firewall.

    All network programs work at home so IT do not need to spend time installing it on every laptop.
    Same with a VPN.

    combining it with RemoteApp users could get up to date programs instantly without having to install the program and will run in a resizeable window on the users computer. Imagine running one sims update on one server and every single user has the update instantly no matter where they are in the world.
    Same with a VPN.

    Connections are much faster over Teredo than VPN's
    Proof needed.

    Advantages of Direct Access (copied and pasted off the internet)

    User doesn’t have to establish the connection
    Double clicking an icon isn't a big issue generally, so I don't really see the advantage.

    User doesn’t have to reconnect if the Internet connection breaks
    This is just the same as the above.

    Group Policy settings get active before user logs on
    Active directory settings are, for the most part, irrelevant when a computer is being used at home for most schools.

    Users can log on to Active Directory, just like in the intranet
    What's the advantage of this? A user takes their laptop home, they're going to be the only person using it, so cached details are fine.

    Works together with NAP (Network Access Protection) and NAC (Network Access Control) solutions
    So do VPNs, as you can hook most up to a RADIUS server with rules in place or whatever you like.

    Communication to the corporate network is encrypted with IPsec
    So do many VPNs.

    "Dont get me wrong the transparency of DA to the end user is a fantastic feature but remote access to school is about delivering secure access to school resources from virtually any device anywhere."
    DirectAccess uses IPSec encryption. it is more secure than any VPN connection. You can also attach mobile phones to it.
    You missed the point there - What about a Mac user? What about someone who is out at a meeting with their iPad and/or the only access they have is HTTP/HTTPS?

    "When your school is snow bound and the staff need to access the network from their home PC's any one of the commercially available solutions would work whereas DA would only be able to provide a handful of pre defined corporately configured laptops to have access."
    All our staff have laptops from the school. A contingency plan to say if snow is expected take your laptops home will solve that. (but do you really think there will be that many people wanting to work when they can play in the snow with their kids?)
    That isn't a contingency plan - that's hoping that the weather forecasters get it right, which over the last few years, they haven't. Also, it requires kind of a large investment, requiring the school to maintain laptops for all staff!

    Yes i have read that very good article and to quote from it here is another enhancement over VPN's - Teredo technology, its much faster.
    Teredo DirectAccess 3.39 Mbits/sec
    IP-HTTPS DirectAccess 1.37 Mbits/sec
    PPTP (Watchguard x1250e) 2.87 Mbits/sec
    6to4 DirectAccess n/a*
    More comparisons needed really.

  15. #42

    Join Date
    Jan 2012
    Location
    Gillingham
    Posts
    27
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    6
    Quote Originally Posted by alttab View Post
    what are the options available to those who haven't gone down the schools/EES licensing agreement, as far as getting Windows 7 Enterprise so as to try those 'Ent' specific features like DirectAccess ? Either in small scale deployments or a working evaluation.
    You will need to get an anytime upgrade to windows 7 enterprise. And buy a 2008R2 Enterprise server because this will support upto 4 VM's to get this working.

  16. #43

    Join Date
    Apr 2010
    Posts
    2,057
    Thank Post
    83
    Thanked 188 Times in 155 Posts
    Rep Power
    84
    Sorry but I don't get it.

    All the points listed for direct access can be done using a free vpn system with the exception of GPO's being applied before the laptops logs in.

    If you take openvpn access server (not to be confused with openvpn) you get an icon on the users desktop, all they do is click this and it connects to a radius server for authentication, after that the user may as well be in the building. The connection will auto reconnect, all network drives get mapped and sims works and updates from home. The system comes in a hyper-v or vmware appliance and can be set up in an hour or so.

  17. #44
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,662
    Thank Post
    166
    Thanked 220 Times in 203 Posts
    Rep Power
    67
    @ScottLogan, can you explain how this will work for staff using their own kit at home where the OS can be anything from XP to Mac OS because as far as I can see it won't...

    It's bad enough having products that are Win7 only, let alone specific variants of that. Seems OK if you want to set up PCs in small outcentre offices (might look at it for us on that front) but for home use seems a complete no-go to me.
    Last edited by gshaw; 1st February 2012 at 09:49 AM.

  18. #45

    Join Date
    Jan 2012
    Location
    Gillingham
    Posts
    27
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    6
    Sonicwall is a VPN connection. DirectAccess is 10 times better. The reason no schools except directly connected to internet schools are not using DirectAccess is because it does not work behind NAT's. I am the only person who knows how to fix it. Thats the reason it took me so long to set it up. For our school to go directly on the internet was a big no no. I don't have the time to do all my own firewalling, filtering etc.
    To be blunt, please write up how you did this so that others can do it. Its no use to anyone else if you simply say you can do it and leave it at that!

    It is impossible to write up how to get the job done when there are so many different network configurations out there. The simple fact is if you have never used directaccess or set it up you will not know how to implement the fix. The fix is not a simple check box you tick. It is an array of complex settings, tricks and software.



    Here are some reasons schools want this;
    Some users find it difficult to understand how VPN's work and so don't use them so they miss out of features they could use. With DirectAccess it is always on, the user has to do nothing. A lack of training does not get resolved via technology in my experience. The solution to a lack of understanding is better training.

    Your experience is valid but i have staff here that a) refuse to use computers b) get very grumpy when they have to learn something new c) just don't have the time for training.
    DirectAccess fixs all that



    Directaccess works through all firewalls because the last tunnel that it could setup instead of Teredo is HTTPS. So you can support every home users routers. SSL VPNs are HTTPS. IPSec works across every single home router I've ever come across - both are standards used in VPNs. Nothing special there.

    see here VPN's: IPSec vs. SSL



    DirectAccess will log the user on to your internal intranet. As will a VPN.

    as far as i am aware not without user intervention. DirectAccess is transparent.



    The user gets the same internet filters at home as they would at work. Same on a VPN.
    Again not without purchasing expensive and complex VPN solutions. DirectAccess is built into windows.





    It can be years before IT will see the laptop again and in some situations when a laptop finally goes back on the network that user could lose all their work becuase GPO's have changed so much. With DirectAccess all laptops will always be up to date with settings. I don't know what kind of school you work in where laptops disappear for years, but that is simply not the case in every school I've ever been to, near or worked with. If staff aren't bringing their laptops in for work to be done on them, then that is a management issue, not a technical one.

    Yes some schools don't have this problem but it is an issue here. Laptops are mobile but some staff do not have the need to carry their laptops with them all the time. I have a users who have their laptops permantly sat at home and all they use it for is writing reports and saving it on pen drives. Why would that user feel the need to ever bring the laptop in?
    Again it is just another situation



    Because users save work to a mapped drive on a server when the laptop breaks the user will not lose anywork and IT don't have to spend weeks trying to get the stuff back. Same with a VPN.
    Only if the user initiates the connection. DirectAccess is always on.





    The schools current infrastructure does not have to change in anyway. IPv4 is supported. Nor does it with a VPN - just stick an appliance in, plug it in and NAT it across via your firewall.
    Like the VPN solution another user comented on you have to buy sometimes buy complex equipment. DirectAccess it built into windows.





    All network programs work at home so IT do not need to spend time installing it on every laptop. Same with a VPN.

    Again DirectAccess is transparent



    combining it with RemoteApp users could get up to date programs instantly without having to install the program and will run in a resizeable window on the users computer. Imagine running one sims update on one server and every single user has the update instantly no matter where they are in the world. Same with a VPN.
    Again transparent




    Connections are much faster over Teredo than VPN's Proof needed.
    Every site is different. I can only quote what other companies have stated.




    Advantages of Direct Access (copied and pasted off the internet)

    User doesn’t have to establish the connection Double clicking an icon isn't a big issue generally, so I don't really see the advantage.

    It's not practicle for every user.



    User doesn’t have to reconnect if the Internet connection breaks This is just the same as the above.


    It's not practicle for every user.


    Group Policy settings get active before user logs on Active directory settings are, for the most part, irrelevant when a computer is being used at home for most schools.

    This is a very relevent issue in some sites for reasons already stated



    Users can log on to Active Directory, just like in the intranet What's the advantage of this? A user takes their laptop home, they're going to be the only person using it, so cached details are fine.

    you cannot cache your intire intranet. again it logs you on transparently to your internal IIS websites



    Works together with NAP (Network Access Protection) and NAC (Network Access Control) solutions So do VPNs, as you can hook most up to a RADIUS server with rules in place or whatever you like.
    yep




    Communication to the corporate network is encrypted with IPsec So do many VPNs.

    The majority of IPSec VPN solutions require third-party hardware and / or software. In order to access an IPSec VPN, the workstation or device in question must have an IPSec client software application installed. This is both a pro and a con.



    "Dont get me wrong the transparency of DA to the end user is a fantastic feature but remote access to school is about delivering secure access to school resources from virtually any device anywhere."
    DirectAccess uses IPSec encryption. it is more secure than any VPN connection. You can also attach mobile phones to it. You missed the point there - What about a Mac user? What about someone who is out at a meeting with their iPad and/or the only access they have is HTTP/HTTPS?

    This is not a solution for everyone or a complete replacement. There is no reason to use both technologise together to achive everything you want



    "When your school is snow bound and the staff need to access the network from their home PC's any one of the commercially available solutions would work whereas DA would only be able to provide a handful of pre defined corporately configured laptops to have access."
    All our staff have laptops from the school. A contingency plan to say if snow is expected take your laptops home will solve that. (but do you really think there will be that many people wanting to work when they can play in the snow with their kids?) That isn't a contingency plan - that's hoping that the weather forecasters get it right, which over the last few years, they haven't. Also, it requires kind of a large investment, requiring the school to maintain laptops for all staff!

    This is never an issue for us here. again this is not a solution for everyone or a complete replacement. There is no reason to use both technologise together to achive everything you want



    Yes i have read that very good article and to quote from it here is another enhancement over VPN's - Teredo technology, its much faster.
    Teredo DirectAccess 3.39 Mbits/sec
    IP-HTTPS DirectAccess 1.37 Mbits/sec
    PPTP (Watchguard x1250e) 2.87 Mbits/sec
    6to4 DirectAccess n/a*
    More comparisons needed really.

    you will never know unless you run your own tests.

    I hope this helps.
    The bottom line is that if you put VPN's and Directaccess side by side in my opinion DirectAccess is much better by a mile. However what changes about what is the best solution is your own personal circumstance. If you have a more of a need for VPN's features then of cause in your opinion will be that VPN's are better.
    Its just a matter of taste.
    Again the bottom line is that it is now possible for schools behind NAT's to consider using DirectAcess when they never had the option.
    All the comments stated are simple pro's that could tick the right box for your site. again it comes down to personal tastes.

SHARE:
+ Post New Thread
Page 3 of 8 FirstFirst 1234567 ... LastLast

Similar Threads

  1. Netsupport School (how have you set it up?)
    By Halfmad in forum Network and Classroom Management
    Replies: 18
    Last Post: 30th January 2013, 10:10 AM
  2. Remote Access - How?
    By Zoom7000 in forum Wired Networks
    Replies: 34
    Last Post: 1st February 2012, 12:43 PM
  3. Replies: 3
    Last Post: 6th April 2010, 05:39 PM
  4. 2008 VM size (vs 2003) - how are you handling it?
    By pete in forum Thin Client and Virtual Machines
    Replies: 0
    Last Post: 12th June 2009, 12:55 PM
  5. Netsupport school - how have you set it up?
    By Halfmad in forum Network and Classroom Management
    Replies: 8
    Last Post: 6th June 2007, 09:00 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •