Windows 7 features stronger connectivity for remote offices
- By Patrick Marshall
- Mar 06, 2009
Microsoft demonstrated new remote office features of the upcoming Windows 7 operating system at the Public Sector CIO Summit in Redmond, Wash., on March 5. Two new capabilities in particular stood out: DirectAccess and BranchCache.
DirectAccess is an alternative to virtual private networks that relieves staff members working remotely of the need to go through tedious authentication to connect to network resources at their agency. DirectAccess employs IPv6-over-IPsec to encrypt communications over the Internet between remote users and the DirectAccess server. Multifactor authentication is supported, though the demonstration only included password and smartcard authentication. Also, IT staff members can also update remote computers via DirectAccess, including updating group policies and installing software updates.
Senior Product Manager Devrim Asli Iyigun wasn’t certain whether other forms of authentication will also be supported at initial release. According to Iyigun, Microsoft doesn’t expect DirectAccess to remove the need for VPNs, at least for a while. That’s because DirectAccess requires Windows Server 2008 and Windows 7 on clients. Any legacy equipment would still need to employ VPNs for access.
Another potentially nifty new feature is BranchCache. As the name implies, it is a scheme for caching data downloaded to a branch office. When one user at a branch office downloads a file across the Internet, it is cached either on that user’s computer or on a BrancheCache server, if one has been set up. When another user then requests the same file it is downloaded from the cache instead of via the Internet. During the demonstration, a file that originally required 26 seconds to download was delivered in only 1 second from the cache.
BrancheCache supports HTTP, HTTPS and SMB protocols.
According to Iyugin, if a branch office is not employing a BranchCache server, cached files will be distributed across client computers even if all requests come from a single machine. That way no one user will end up being the cache repository for all requests.
Patrick Marshall is a freelance technology writer for GCN.