0121 222 5630

Email Aristi Ltd Follow Aristi Ltd on Facebook Follow Aristi Ltd on Twitter Follow Aristi Ltd on LinkedIn

Insights and Updates.
Made for you.

You are here:
Posted on Friday, 24 April 2015

Microsoft DirectAccess – Secure Remote Access Solution.

Written by

Microsoft DirectAccess in Windows 7 and 8.1 have both been certified as meeting the equivalent of Foundation Grade requirements, as described in the IPsec Client SC CESG document.

With many organisations moving towards a mobile and flexible working strategy, the need for secure remote access is ever increasing. Implementing a secure solution that is not only certified by CESG for PSN, convenient and easy to use for businesses, is a cost effective solution, and at the same time upholds confidentiality, Integrity and availability is always going to be a challenge.

Welcome DirectAccess.

Microsoft DirectAccess in Windows 7 and 8.1 have both been certified as meeting the equivalent of Foundation Grade requirements, as described in the IPsec Client SC CESG document, when using DirectAccess to connect to Windows Server 2012 R2. This means that DirectAccess can be used by government office’s for OFFICIAL and OFFICIAL-SENSITIVE business.

Microsoft’s DirectAccess remote access technology allows for a secure seamless and transparent always on network connection back to the corporate environment. It uses a collection of widely deployed industry standard protocols for its connection. Authentication occurs at several stages of the multi-tunnel IPSec connection and uses a combination of digital certificates, NTLM and Kerberos. Clients are configured through group policy. A specific set of CPA customisations are needed to configure DirectAccess in order to be compliant in CESG assured manner.

DirectAccess commonly already falls under many organisations ‘Microsoft Premier Agreement’ making it a cost effective viable solution to deliver. However you should always check with your Technical Account Manager that this is the case for your organisation.

Here at Aristi our cyber security consultants can review your Remote Access Architectural Design of DirectAccess and verify that its configuration falls in line with CESG PSN coco framework to keep your information secure.

If you have any queries regarding its implementation or security implications for your organisation we can offer advice.

To discuss your requirements in more detail please contact Martyn on 0121 222 5630 or email martyn.butcher@aristi.co.uk.


Please contact Aristi to discuss your requirements. Filling in the form below is the quickest way to get in touch with the relevant person at Aristi.


    Keep up-to-date with insights and info on all areas of Information Assurance, Information Security, Penetration Testing & Data Sharing from the award-winning consultants Aristi.

    Latest Tweets

    A useful reminder of the data protection obilgations on businesses. Key is to understand the risks and apply approp… https://t.co/9Bhsxk89Jf
    Some useful info from the ICO on home working and data security. https://t.co/yWfOWJNxS4
    COVID-19 update https://t.co/wRDHY7IR6Q

    Subscribe to our Newsletter

    Latest Blog Posts

    • Pulse Secure Vulnerability

      Share the post “Pulse Secure Vulnerability” FacebookTwitterShare… By Dave Buckley On 16th of April 2020 the CISA released an alert covering continued exploitation of pulse secure VPN’s post patching. This is an update to the original alert the CISA published back in January 2020 which advised organisations to immediately patch CVE-2019-11510. Pulse secure released patches […]

      Written on Thursday, 07 May 2020
    • COVID-19 Update

      Share the post “COVID-19 Update” FacebookTwitterShare… Aristi has made preparations to protect our operations from disruptions caused by the Coronavirus (COVID-19) outbreak. Our aim as always is to provide an excellent service to our customers, and we will continue to do so through this uncertain time. We will be monitoring the situation closely and following […]

      Written on Tuesday, 14 April 2020
    • Testing as a Service

      Share the post “Testing as a Service” FacebookTwitterShare… Aristi has developed an innovative new cyber security service to give businesses and public sector organisations reassurance that they are doing all they can to defend against hackers. Many organisations conduct annual IT Health Checks to identify security weaknesses in their IT systems. However, a cyber-attack can […]

      Written on Monday, 24 February 2020