• DirectAcess in Windows 7

    by  • January 30, 2009 • Uncategorized

    One of the big frustrations for IT administrators is how to administer and maintain mobile systems. Whether conducting an asset inventory, a risk assessment, a vulnerability scan, or trying to manage system configurations and deploy patches, mobile systems are always somewhat of a wildcard. Many administrators actually have no idea just how many such systems are floating about or what their current state is. Until or unless the systems connect locally or VPN into the network, they are just rogue systems operating as islands unto themselves. It can be an administrative and compliance headache, if not nightmare.

    Windows 7 has a very promising solution that seems like it can solve those issues for IT administrators. DirectAccess enables IT administrators to manage mobile computers…directly. That means that as long as the mobile computer has an Internet connection it can receive Group Policy settings, software distributions, and patch updates. The user does not even have to be logged on. With the growing number of users relying on laptops and other mobile computing devices, the ability for IT administrators to manage and protect those systems (and the data they contain) is critical.

    DirectAccess uses IPv6-over-IPSec to encrypt data as it is transmitted over the public Internet. DirectAccess authenticates the computer and the user to the corporate network and even supports multi-factor authentication methods such as smartcards.

    I will post a much more in depth look at how DirectAccess works and more details about how it will benefit organizations and IT administrators in the near future. For now, suffice it to say that I feel like DirectAccess is a huge advantage for Windows 7 and a feature that many corporate IT administrators will be drooling over.

    About

    Tony has driven security policies and technologies for antivirus and incident response for Fortune 500 companies, and he has been network administrator and technical support for smaller companies. He has written for a variety of other Web sites and publications, including BizTech Magazine, PC World, SearchSecurity.com, WindowsNetworking.com, Smart Computing magazine, and Information Security magazine. Tony is a CISSP (Certified Information Systems Security Professional) and ISSAP (Information Systems Security Architecture Professional). He is Microsoft Certified as an MCSE (Microsoft Certified Systems Engineer) and MCSA (Microsoft Certified Systems Administrator) in Windows 2000 and an MCP (Microsoft Certified Professional) in Windows NT. Tony has been recognized by Microsoft as an MVP (Most Valuable Professional) in Windows security since 2006. In addition to his Web site and magazine contributions, Tony was also tech editor of PCI Compliance (ISBN: 1597491659 ) and author of Essential Computer Security: Everyone’s Guide to E-mail, Internet, and Wireless Security (ISBN: 1597491144), coauthor of Hacker’s Challenge 3 (ISBN: 0072263040) and a contributing author to Winternals: Defragmentation, Recovery, and Administration Field Guide (ISBN: 1597490792), Combating Spyware in the Enterprise (ISBN: 1597490644) Syngress Force 2006 Emerging Threat Analysis: From Mischief to Malicious (ISBN: 1597490563), Botnets: The Killer Web Applications (ISBN: 1597491357), and AVIEN Malware Defense Guide for the Enterprise (ISBN: 1597491640).

    http://www.tonybradley.com