End-to-End DirectAccess Model
The end-to-end model of DirectAccess has the DirectAccess client establish an IPsec tunnel with each application server that they connect to. This ensures that traffic is protected end to end (hence the name) by the IPsec encryption, including while traversing the intranet.
Figure 24.13 shows the end-to-end connection model. Note that there is a protected (solid line) connection through the tunnel and the DirectAccess server to each of the application servers. This indicates that there are separate IPsec connections to each server, which are protected by encryption not only through the Internet but also through the intranet.
Figure 24.13. End-to-end DirectAccess.
The end-to-end model requires that each application ...
Get Windows Server® 2012 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
