0121 222 5630

Email Aristi Ltd Follow Aristi Ltd on Facebook Follow Aristi Ltd on Twitter Follow Aristi Ltd on LinkedIn Follow Aristi Ltd on Google Plus

Insights and Updates.
Made for you.

You are here:
Posted on Friday, 24 April 2015

Microsoft DirectAccess – Secure Remote Access Solution.

Written by

Microsoft DirectAccess in Windows 7 and 8.1 have both been certified as meeting the equivalent of Foundation Grade requirements, as described in the IPsec Client SC CESG document.

With many organisations moving towards a mobile and flexible working strategy, the need for secure remote access is ever increasing. Implementing a secure solution that is not only certified by CESG for PSN, convenient and easy to use for businesses, is a cost effective solution, and at the same time upholds confidentiality, Integrity and availability is always going to be a challenge.

Welcome DirectAccess.

Microsoft DirectAccess in Windows 7 and 8.1 have both been certified as meeting the equivalent of Foundation Grade requirements, as described in the IPsec Client SC CESG document, when using DirectAccess to connect to Windows Server 2012 R2. This means that DirectAccess can be used by government office’s for OFFICIAL and OFFICIAL-SENSITIVE business.

Microsoft’s DirectAccess remote access technology allows for a secure seamless and transparent always on network connection back to the corporate environment. It uses a collection of widely deployed industry standard protocols for its connection. Authentication occurs at several stages of the multi-tunnel IPSec connection and uses a combination of digital certificates, NTLM and Kerberos. Clients are configured through group policy. A specific set of CPA customisations are needed to configure DirectAccess in order to be compliant in CESG assured manner.

DirectAccess commonly already falls under many organisations ‘Microsoft Premier Agreement’ making it a cost effective viable solution to deliver. However you should always check with your Technical Account Manager that this is the case for your organisation.

Here at Aristi our cyber security consultants can review your Remote Access Architectural Design of DirectAccess and verify that its configuration falls in line with CESG PSN coco framework to keep your information secure.

If you have any queries regarding its implementation or security implications for your organisation we can offer advice.

To discuss your requirements in more detail please contact Martyn on 0121 222 5630 or email martyn.butcher@aristi.co.uk.


Please contact Aristi to discuss your requirements. Filling in the form below is the quickest way to get in touch with the relevant person at Aristi.


Keep up-to-date with insights and info on all areas of Information Assurance, Information Security, Penetration Testing & Data Sharing from the award-winning consultants Aristi.

Latest Tweets

Still using Windows 7? https://t.co/TZq4J1xXNl
https://t.co/yRF05uVC9i These scams are getting more realistic. User awareness is crucial to detect malicious emails from legitimate ones.
If Marriott Hotels couldn’t protect their data when they were subject to data breaches, how can your business?:… https://t.co/2DKYoum6zP

Subscribe to our Newsletter

Latest Blog Posts

  • 500 million customers can’t sleep easy with Marriott data breach

    Share the post “500 million customers can’t sleep easy with Marriott data breach” FacebookGoogle+LinkedInTwitter The world’s largest hotel chain, Marriott Hotels, announced on Friday (November 30, 2018) that half a billion of its customers’ data had been breached dating as far back as 2014. Marriott owns more than 5,800 properties around the world with 1.1 […]

    Written on Wednesday, 12 December 2018
  • Virtual Data Protection Officer

    Share the post “Virtual Data Protection Officer” FacebookGoogle+LinkedInTwitter The GDPR introduces a duty for you to appoint a data protection officer (DPO) if you are a public authority, or if you carry out certain types of processing activities. To support your on going GDPR compliance and management requirements, we can provide a Virtual Data Protection […]

    Written on Thursday, 10 May 2018
  • Protecting Businesses with Cyber Essentials

    Share the post “Protecting Businesses with Cyber Essentials” FacebookGoogle+LinkedInTwitter The lack of basic cyber security controls remains a significant factor in the vast majority of cyber attacks in the UK today. Businesses are left worried about hackers, data loss and security, and are not sure where to turn. The scale of the threat is nothing […]

    Written on Monday, 05 March 2018