While not related to the ISA or TMG firewall, DirectAccess is something that all Microsoft firewall administrators will need to be aware of.
Why? Because DirectAccess is going to give external clients direct access to your network. That means no firewall, no proxy, no edge security device is going to be able to qualify and inspect the communications between these external clients and your corporate network.
Regardless of what you consider the security issues will be with DirectAccess, this is a new technology that will be included in Windows 7 clients and Windows Server 2008 R2 servers, and it’s going to change the way you work with and think about external clients.
Joseph Davies provides a nice introduction to DirectAccess in his article at:
BTW – you will see some interesting stuff regarding DirectAccess in the upcoming UAG, but that’s about all I can tell you right know. Let’s just say that you’re going to be very interested in UAG because DirectAccess requires IPv6, which is going to introduce complications and issues that you’ll need to address.
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer