Maintaining Visibility And Control in a Partly Cloudy World With Microsoft DirectAccess and Pertino
One trend we’ve identified through thousands of customer interactions is that SMBs and SMEs are relying more and more on cloud-based services. It may seem obvious that Pertino, a company offering cloud networking, would receive a higher than average percentage of calls from cloud-reliant companies than traditional hardware providers. This skepticism makes sense. However, a recent study conducted by Nielsen found that 37% of SMBs are relying on cloud services for critical business processes. Surprisingly, SME and Enterprise companies are leveraging the cloud and Infrastructure-as-a-Service in even higher numbers. Ninety-three percent of respondents reported that they are adopting cloud in the RightScale 2015 State of the Cloud Survey.
So what does this mean for IT?
As central IT manages more and more cloud and SaaS applications, providing access to these services from anywhere, end users no longer need to be attached to the LAN to access the tools and resources they need. This migration from on-premises infrastructure to “internet-only” files and applications reduces the need for dedicated connections between remote sites and the headquarters where IT resides. The natural outcome of these trends is for users to become more distributed and offices to be more loosely coupled, creating an entirely new challenge for IT in managing a LAN-disconnected workforce.
This leaves IT departments wondering:
- Without a LAN, how do you maintain control of endpoints?
- How do we maintain compliance in the event of an audit?
- How do we mitigate zero-day vulnerabilities?
- How do we ensure password policies are enforced?
- How do we keep devices patched and updated?
One solution is Microsoft DA (DirectAccess), a service included in Microsoft Server editions. DirectAccess enables IT to maintain visibility and centralized management for any Windows Enterprise/Ultimate devices on the domain, irrespective of location. Richard Hicks, a Microsoft Enterprise Security MVP (Most Valuable Professional) and DirectAccess Consultant, explains that a successful deployment of the service results in end users experiencing LAN-like “always-on” connectivity to local resources while maintaining true domain membership. The advantages are dramatic—especially compared to traditional VPNs. According to Richard, Microsoft has created a product that addresses many of today’s biggest security concerns for Sys Admins, CISOs, and networking folks, in providing an integrated service that enables centralized support and control.
However, DirectAccess is not for everybody. There are a number of prerequisites that quickly rule out most SME businesses from deploying the service.
- Microsoft Enterprise/Ultimate OS requirements for all endpoints
- DirectAccess servers must be deployed at each site
- HA configurations require at multiple DA servers and load balancers
- Cloud-hosted DirectAccess servers are not recommended
- High Infrastructure costs, requiring PKI and additional servers
- No centralized management of users and ACLs
- Reliance on Windows Firewall
For many large enterprises these limitations can often be overlooked due to the availability of qualified personnel and complementary technologies. For deployments where DA is not possible or practical, Pertino fills the gap as an effective DirectAccess alternative.
Pertino’s cloud networking solution provides many of the same benefits as Microsoft DirectAccess with none of the infrastructure overhead or operating system limitations. Configuration is a breeze and all devices are centrally managed via a web console. With built-in ACLs, companies can use Pertino to manage internal employee and contractor access without a hardware VPN. Cloud servers can be added to the domain in the same manner as endpoints, and made accessible without backhauling traffic through HQ.
With technologies like Microsoft DirectAccess and Pertino, Sys Admins can now assure management that all devices are compliant, accessible, and securely managed by IT. That should put a little sunshine in your day. For more information about Pertino, please contact firstname.lastname@example.org