The five major reasons why an organization would choose to implement DirectAccess on its network server are no user input, its “always-on” nature, increased security, reduced support costs, and deployability in existing infrastructure. The first reason refers to the fact that no user authentication is needed for DirectAccess because clients must be joined to the domain. The second reason is the tool’s seamless and transparent presence: connections are established not by the user but by the machine. In other words, one does not need to launch separate software in order to turn on DirectAccess. The third reason rests on the notion that DirectAccess is inherently more secure than traditional VPN tools: it utilizes multifactor authentication, its connections are bidirectional, it uses Public Key Infrastructure (PKI), and it is attached to the domain. The fourth reason is that no additional support costs are needed in terms of hardware or software. The fifth reason is that it can be readily used on the existing infrastructure.
The two most common reasons are user experience and low costs. The absence of the additional hassle of authorization, software launch, and constant problems with firewalls makes DirectAccess significantly more compelling in terms of the user-friendly experience offered by the service. In addition, organizations do not want to invest heavily in additional software, and sometimes even hardware, in order to accommodate a new security tool when DirectAccess is available. The logical replacement for DirectAccess is Always On VPN, which is being promoted as an alternative to the former. It is important to note that any form of “always-on” VPN that is user-friendly and does not incur additional costs can be considered a viable option.