DirectAccess is a Microsoft solution that can be used as an alternative to a traditional Internet Engineering Task Force (IETF) VPN. It allows remote clients to connect to internal servers without initiating a VPN connection. As long as clients have Internet connectivity, the system should be able to access internal resources using DirectAccess.

Microsoft introduced DirectAccess in Windows 7 and Windows Server 2008 R2 products, as well as continued support in Windows 10 and Windows Server 2019. Once it is configured on the clients and servers, it is relatively invisible to the clients. Client computers connect to the DirectAccess computer, which acts as a gateway to internal resources. Only resources configured for access with DirectAccess are available from clients. In other words, you could have 10 servers in the internal network, but choose to make only a few accessible.

For example, you could configure a Microsoft Exchange server (used for email) with DirectAccess. When a DirectAccess-enabled Windows 10 client connects to the Internet, it would automatically connect to a DirectAccess server. When the user starts Microsoft Outlook, DirectAccess automatically makes the connection to the internal Microsoft Exchange server. In other words, users can be on the road and still use their email client just as if they were in the office. The same process works for any servers that an administrator wants to make accessible on the Internet.

A significant added benefit of DirectAccess is that administrators can execute control over the remote clients. For example, in a Microsoft environment, Group Policy can ensure that a system meets the minimum-security settings. Although this is normally not possible for systems that are disconnected from the internal network, DirectAccess with Unified Access Gateway (UAG) allows an administrator to apply Group Policy to these remote computers.

It is possible to use Network Access Protocol with DirectAccess. You can create policies to ensure that the remote system has specific security measures in place. For example, you can ensure that the system is up to date with current security patches and that it has up-to-date antivirus software installed and enabled.