Summary and Additional References

DirectAccess has many advantages over VPNs:

  • Users are more productive because intranet resources are seamlessly available any time their computer is connected to the Internet.

  • DirectAccess can connect through firewalls that block VPN connections.

  • Remote client computers stay protected because they can be managed any time they have an Internet connection.

  • Connections can be authenticated and encrypted between a remote computer and the intranet server.

To take advantage of these benefits, organizations can deploy client computers with Windows 7 and DirectAccess server with Windows Server 2008 R2 on the edge of their network. However, VPNs are still required for the following common scenarios:

  • The client computers are running a version of the Windows operating system that was released prior to Windows 7 or a non-Microsoft operating system.

  • The client computers are not a member of an Active Directory domain.

  • The organization has not deployed Windows Server 2008 R2 as the remote access server on the edge of their network.

Most organizations that deploy DirectAccess will also support VPNs for client computers that cannot connect to DirectAccess. However, considering the benefits of DirectAccess together with the other features in Windows 7, we recommend deploying DirectAccess in well-managed enterprise environments.


DirectAccess client computers require Windows 7 Enterprise Edition, Windows 7 Ultimate Edition, or Windows Server 2008 R2.

For a technical overview of DirectAccess, see the DirectAccess in Windows 7 and Windows Server 2008 R2 Technical Overview (

For information about deploying DirectAccess, see the DirectAccess Early Adopters Guide (

Additional references

For a complete view of Windows 7 resources, articles, demos, and guidance, please visit the Springboard Series for Windows 7 on the Windows Client TechCenter.