The DirectAccess “Branch Office Scenario” is something we discuss often with customers, but I don’t see too many people actually employ this powerful idea. How do you connect your branch offices today? Site-to-site VPN? Those aren’t always the most stable things in the world. MPLS? Better, but how much do you pay for that connection? I’m guessing a lot.
If you are using Microsoft DirectAccess as the remote access technology for your roaming laptops and tablets, you already have the technology at your disposal that empowers you to throw away that pricey WAN link. Turn all of those branch office computers into DirectAccess-connected branch office computers by simply adding them to your “DirectAccess Computers” group, and then give them a regular ole’ internet connection in that branch office. DirectAccess will connect independently on each workstation, giving them all tunnels back to the corporate office for anything that they need to access. Those domain-joined branch office computers will continue to receive security settings, patches, updates and even Group Policy processing, even though they no longer have a “WAN” link back to the main office, because all of these functions work over a DirectAccess connection.
Let me know if you have any questions on this, let’s see how much money we can start saving you by downsizing the networking needs and equipment that exist in your remote offices today.