Microsoft urges businesses to migrate to Windows Always On VPN. This is the reason

Microsoft urges all users to replace Windows DirectAccess with the Always On VPN feature for a more secure remote access solution.

DirectAccess was first introduced in Windows 7 and Windows Server 2008 R2 as a way for users to connect to their corporate network without using a corporate VPN. Now the Big Tech giant has decided to do just that deprecate the functionalitymeaning the feature will not receive any further updates and will be deprecated with the next Windows version.

Always On VPN is then the natural successor to DirectAccess. It was first introduced with Windows Server 2016 and Windows 10 and is considered a more secure alternative as it supports modern VPN protocols used by the best VPN service on the market, including IKEv2 and SSTP. It also includes today’s much-needed multi-factor authentication (MFA).

How to switch to Always On VPN

“In previous versions of the Windows VPN architecture, platform limitations made it difficult to provide the critical functionality needed to replace DirectAccess, such as automatic connections initiated before users log in. However, Always On VPN has softened most of these limitations or expanded its capabilities. VPN functionality that goes beyond the capabilities of DirectAccess,” Microsoft wrote in a official announcement.

Although at the time of writing we don’t know exactly when DirectAccess will stop working, the provider has already shared some tips on how to successfully migrate to Always On VPN.

For starters, it suggests that IT administrators plan the migration ahead. This can help you identify the target audience, infrastructure and functionality at its best. This way you should be able to tackle any problems step by step as they arise.

After you determine your migration stages, Microsoft recommends deploying the Always On VPN infrastructure alongside the existing DirectAccess infrastructure.

Other tips include the steps you need to take to provide the required certifications to customers. Microsoft also recommends using Microsoft Endpoint Configuration Manager or Microsoft Intune to check for issues with the VPN configuration deployments.

Please note that once the migration is fully completed, you will need to remove the DirectAccess configuration from the Settings, DNS Records and Server Manager.

What are the benefits of Always On VPN?

Always On VPN is a useful feature that allows businesses to integrate Windows operating systems and third-party solutions. It limits connections based on traffic types, applications and authentication methods and promises to maintain network security at all times. It also allows you to configure your VPN settings according to your needs.

As Microsoft explains in its official tutorial: “Always On VPN provides connectivity to corporate resources by using tunnel policies that require authentication and encryption until they reach the VPN gateway.”

Key features of Always On VPN include split tunneling functionality, meaning you can choose which connection to include and exclude from the VPN protection. It also allows you to restrict access to specific users and devices (this is critical if you want to implement a zero-trust security approach) while supporting multi-factor authentication (MFA) for added security.

Plus, Windows Always On VPN supports all modern VPN protocols, so you shouldn’t have a problem using the top services.

Suppose you are looking for a reliable business VPN. In that case, I recommend checking out our dedicated guide for more information: Ny Breaking experts regularly test hundreds of software to recommend the best on the market in terms of security and performance. At the time of writing this, our top picks are Permiter 81, NordLayer and Twingate.