Windows Server 2012: Towards More Mobility

In our previous article, Windows Server 2012 – New Advanced Features, we introduced some of the many new features that Windows Server 2012 provides to its clients. In this article we will focus on some more, particularly features that ease remote access.

The opportunity to work from anywhere with nothing more than an Internet connection was a big step in technological evolution. Windows Server 2012 continues to expand this idea. The features that make it easier for customers to decide which operating system to use and whether or not to upgrade are:

  • the improved DirectAccess feature;
  • the ability to use RODCs in branch offices and to cache data there with BranchCache;
  • Remote Desktop Services for client access;
  • and the brand new feature called Windows to Go.

The DirectAccess Feature

As the most significant updates are in DirectAccess, we will spend some time examining them. First let’s make it clear what DirectAccess really is. It was introduced in Windows Server 2008, but it was a very limited technology that did not operate smoothly. If you wanted to use all of its advanced features you had to deploy it through the Unified Access Gateway (UAG), a completely different Microsoft product which you had to buy in addition.

Windows Server 2012 now provides a fully featured DirectAccess out of the box. It allows specific users in your organization to connect to the corporate network and use its resources without using any VPN software. Remote computers can also be updated with the latest Group Policy settings, and this can take place even if the user is not logged in. If you still need to set up VPN for other users, you can do that as well, since in Windows Server 2012 both technologies can coexist on the same server. DirectAccess is not supported on client operating systems prior to Windows 7, so this is a common scenario.

An interesting feature of Windows Server 2012’s DirectAccess is that it can be deployed in two modes: Full Direct Access and Manage Out. If you choose Full Direct Access, you give your users the ability to use corporate resources. If you choose the Manage Out option, you get the opportunity to remotely manage clients’ computers without even giving them access to the organization.

One thing you should keep in mind for DirectAccess, though, is that it needs a Network Location server. You can run it on your domain controllers or on your DirectAccess server. Either way it has to be highly available. If it fails, DirectAccess connections can be lost.
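A health probe for the Network Location server availability requirement described above, as an added example that is not part of the original article. The function name `Test-NlsEndpoint`, the URL `https://nls.corp.example/` and the 30-day certificate warning window are assumptions; the code uses only .NET classes available in Windows PowerShell.

```powershell
# Added example (not from the article): health probe for the DirectAccess
# Network Location server. Run it from a machine inside the corporate network.
function Test-NlsEndpoint {
    param(
        [Parameter(Mandatory = $true)] [string] $NlsUrl,   # your NLS HTTPS URL
        [int] $WarnDays  = 30,                             # assumed expiry warning window
        [int] $TimeoutMs = 5000
    )
    $r = [ordered]@{
        Url = $NlsUrl; Healthy = $false; StatusCode = $null
        CertSubject = $null; CertExpires = $null; CertExpiresSoon = $null; Error = $null
    }
    try {
        $req = [System.Net.HttpWebRequest][System.Net.WebRequest]::Create($NlsUrl)
        $req.Timeout = $TimeoutMs
        $req.AllowAutoRedirect = $false
        # GetResponse() throws on timeouts, 4xx/5xx status codes and
        # certificate validation failures, so all of those land in 'catch'.
        $resp = $req.GetResponse()
        try     { $r.StatusCode = [int]$resp.StatusCode }
        finally { $resp.Close() }

        # Certificate the server presented on this connection.
        $raw = $req.ServicePoint.Certificate
        if ($raw) {
            $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $raw
            $r.CertSubject     = $cert.Subject
            $r.CertExpires     = $cert.NotAfter
            $r.CertExpiresSoon = ($cert.NotAfter -lt (Get-Date).AddDays($WarnDays))
        }
        # Only a plain 200 counts as healthy; redirects are reported, not followed.
        $r.Healthy = ($r.StatusCode -eq 200)
    }
    catch {
        $r.Error = $_.Exception.Message
    }
    [pscustomobject]$r
}

# Placeholder URL (constructed for this example); substitute your own.
$check = Test-NlsEndpoint -NlsUrl 'https://nls.corp.example/'
$check | Format-List
if (-not $check.Healthy -or $check.CertExpiresSoon) {
    Write-Warning "NLS check failed or certificate expires soon: $($check.Url)"
}
```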

Network Access Protection

This was another feature that was introduced with Windows Server 2008. It is now integrated with DirectAccess, so client computers have to match certain security criteria before they are allowed to use corporate resources.

If there are branch offices in an organization, they are usually connected over a relatively slow WAN (wide area network) link. In such a scenario it is a good idea to take advantage of Windows Server’s BranchCache feature. As its name suggests, this feature can be used to cache content in branches. You can deploy it in two modes: distributed cache and hosted cache. In distributed cache mode, when a client requests information from the main office for the first time and receives it, the client caches it. When another client requests the same information, it is redirected to the first client and downloads the information locally over the faster LAN (local area network) link. In hosted cache mode, there are specifically configured hosted cache servers in the branch offices, and the information stays on them for other local users to access. The idea is the same: when a client requests information from the main site for the first time, the information is downloaded but it is also stored on the hosted cache server. When another client requests the same information, it is redirected to the hosted cache server and downloads it locally. You could also use RODCs (read-only domain controllers) in the branch offices so that users can log in with cached credentials instead of querying the main site’s domain controllers every time.

For clients with less computing power, the so-called thin clients, Windows Server 2012 offers Remote Desktop Services (introduced with that name in Windows Server 2008 and known as Terminal Services before that). This allows users to take advantage of resource-intensive applications running on a central server instead of on their local machine.

The last new thing I would like to mention in my list here is Windows to Go. It allows you to pack your whole operating system as an image and then boot it on any computer from a USB stick. There are certain prerequisites, though. You should be using Windows 8 Enterprise (Pro is not enough), and you should have a big enough USB stick: 32 GB at least.

With all of these new features on hand, Windows Server 2012 makes remote working a pleasant and easy experience.


