I find myself more and more “mobile” these days: I end up working from branch offices or from home more frequently instead of my office in Redmond. Before, I was impacted by connectivity problems and updating my PC out of the office but my experience has much improved, thanks to Windows 7. I thought it would be good to share some of the solutions Windows 7 provides to enable users to stay connected whether they are travelling or working from home (like I do) and enables IT professionals to better manage mobile computers.
The success of an organization is largely dependent on workforce productivity. Workforce productivity is enhanced by keeping the workforce well-connected so that they can then have access to resources irrespective of whether they are at work, home, or on the move.
With the increase in the number of mobile users, growing organizations are finding it difficult to maintain connectivity with their mobile workforce, when they are not connected to the network. This has an adverse impact on the productivity because the users are unable to connect to corporate resources easily. Also, because mobile users remain disconnected when they are outside the network, it is difficult for the administrators to keep the mobile computers up-to-date.
Windows 7 improves connectivity with the help of features such as Mobile Broadband DirectAccess, VPN Reconnect, and BranchCache.
More and more mobile users are using wireless data cards to stay connected to the Internet every day. Currently, wireless data cards come with their proprietary connection manager software and user experience changes with the card and the software used. Even IT administrators find it difficult to support various connection managers for different wireless connections used within their enterprise environment.
With Windows 7, it is much simpler to connect your computer to the Internet using a wireless data card, regardless of which cellular provider you use. The process is similar to connecting to any other wireless network and this is done by using the View Available Networks User Interface.
For example, you can be waiting for your flight at the airport and need to catch up with work. All you need to do is to insert your Wireless WAN card to your computer, soon after you will be connected to the Mobile Broadband connection automatically and be able to navigate through the Web. You do not need to install any additional software, the drivers for your data card is installed on first use—going forward you just insert the wireless data card into your computer, and you are connected to the Internet automatically. If your computer has a built-in data card, you would be connected to the Internet wherever there is a cellular service.
Mobile Broadband, a native Wireless Wide Area Network (WAN) Connection Manager in Windows 7, provides a consistent, unified view of Wireless WAN connectivity for end users and IT Pros alike. The users have a more consistent experience across third-party components regardless of hardware or network service. They also benefit from a single User Interface for all their connectivity needs.
In the office, users have easy access to network resources such as Sharepoint sites, servers, and applications to work and collaborate. The administrators in the IT department can easily keep the computers of the users up-to-date and running smoothly.
As more and more users go mobile, working from homes, cafes, or customer sites, accessing corporate network resources with remote access solutions, such as VPN, becomes difficult. It requires extra effort for users to remain connected to the network. Also, it makes it harder for the administrators to manage mobile computers.
DirectAccess helps mobile users stay more productive when accessing remote information. A mobile user can easily navigate to intranet sites or internal file shares and access documents from a remote location, without establishing a VPN connection.
For example, you might be connected to your Mobile Broadband connection at the airport and you can still access corporate data: shares, sites, files or applications without dialing a VPN. Imagine working as if you are in your office, as long as you have an internet connection!
DirectAccess streamlines the management of remote computers. Administrators no longer need to wait for users to return to office to or connect to VPNs to update the computers. They can now keep the remote computers up-to-date with required policies or updates any time the computers connect to the Internet. The users are not even required to be logged on to the corporate network.
By default, Windows 7 does not deploy DirectAccess automatically. If you choose to enable DirectAccess, you need to deploy Windows 7 Enterprise Edition or Windows 7 Ultimate Edition computers. You also need to deploy Windows Server 2008 R2 DirectAccess Server on the edge of your network.
DirectAccess requires the use of IPv6 so that clients have globally routable addresses. For organizations that are already using a native IPv6 infrastructure, DirectAccess seamlessly extends the existing infrastructure to DirectAccess client computers, and those client computers can still access Internet resources that use IPv4. For organizations that have not yet begun deploying IPv6, DirectAccess provides a straightforward way to begin IPv6 deployment without requiring an infrastructure upgrade. You can use transition technologies for connectivity across the IPv4 Internet. Optionally, you can deploy Forefront Unified Access Gateway (UAG) and extend the benefits of DirectAccess across your infrastructure, enhancing scalability and simplifying deployments and ongoing management.
DirectAccess requires IPSec between the users’ computers and the DirectAccess server. If you need to achieve improved security, you can deploy IP Security (IPSec) for authentication and encryption throughout the enterprise. You can configure DirectAccess to restrict the servers that users and individual applications can access. Optionally you can also configure DirectAccess with smart card authentication. You can integrate DirectAccess with Network Access Protection (NAP) to perform compliance check on client computers before allowing them to connect to internal resources.
With DirectAccess, client computers are always connected, better protected, and easier to manage.
DirectAccess is a new remote-access technology that automatically connects computers to their internal network anytime, even through firewalls. All they need to have is an Internet connection. This gives remote users all the benefits of being in the office when they are outside their office premises. They have constant access to internal resources and their computers can be updated and managed. DirectAccess is targeted for computers that are part of the network of the organization. In other words, DirectAccess is targeted at well-managed, domain joined computers. It is not targeted for home computers.
While many organizations can use DirectAccess as their only remote connectivity mechanism, some of them may still need to use the Virtual Private Network (VPN) technology side-by-side, for example on home computers. Microsoft improves VPN usability in Windows 7 with VPN Reconnect.
Imagine you are traveling and you need to work on a train. To make most out of your time, you use the Mobile Broadband connection to connect to the Internet and then establish a VPN connection to the network of your organization. As the train passes through a tunnel, you lose your Internet connection. However when the train comes out of the tunnel, the Mobile Broadband connection is automatically re-established.
With the earlier versions of Windows, VPN does not reconnect you to the Internet. You need to repeat the multi-step process of connecting to the VPN. This process is time consuming for mobile users with intermittent connectivity. With Windows 7 you do not need to redial your VPN connection every time you lose your internet connectivity. Your VPN connection will reconnect when your internet connection is back on.
With VPN Reconnect, Windows 7 automatically re-establishes active VPN connections when the Internet connectivity re-establishes. While the re-connection might take several seconds, it is completely transparent to users, and they are more likely to stay connected to a VPN and get more use out of internal network resources.
VPN Reconnect uses the Internet Key Exchange version 2 (IKEv2) technology to provide seamless and consistent VPN connectivity, automatically re-establishing a VPN when users temporarily lose their Internet connections. Users who connect using Mobile Broadband will benefit most from this capability.
As companies extend their business and customer base, the number of branch offices increases around the globe. Although this trend helps in the growth process of the organizations it poses challenges with regards to accessibility. Branch offices are often connected to the enterprise with slow bandwidth links. When employees in the branch offices try to access corporate data, their productivity is adversely effected by the network bandwidth limitations and delays in terms of application response time. Attempts to improve the network performance become expensive and hard to implement.
BranchCache in Windows 7 can help an enterprise reduce bandwidth utilization and increase responsiveness when accessing documents, Web pages, and videos stored on file servers and intranet sites running on Windows Server 2008 R2. It facilitates quick access by caching data in the branch office. This results in a user experience that is more like getting data from the local area network.
For example, Alex and Michelle are employees of the Litware, Inc branch office, which is located at Redmond. When Alex walks into the office, he starts the day by accessing his team’s Web site. He immediately realizes that the graphics on the Web site takes a long time to load on his computer. When Alex tries to download the Sales Order form, hosted on the main office server, to his computer, it takes a while for the file to download. What he does not realize is that the IT department has enabled BranchCache and as the file downloads on his computer, behind the scene, BranchCache caches a copy of the content requested from the corporate intranet site or file server. Later in the morning, when Michelle arrives at the branch office she enjoys the benefits of BranchCache. She accesses the team Web site with ease and the graphics load without delay. When Michelle requests the Sale Order form, the file is served from the local cache rather than being downloaded again across the WAN—so she can access the content without waiting. Before serving a file from the cache, BranchCache checks to make sure that Michelle is allowed to access the data and verifies that the cached file is still identical to the one hosted at the main office.
To implement BranchCache, you need to install Windows Server 2008 R2 on the remote file servers, Web servers, and optionally the branch office server on which the cache is hosted. BranchCache supports common protocols such as HTTP, HTTPS, and SMB. Applications that use SMB and HTTP interfaces in Windows 7 and Windows Server 2008 R2 operating systems automatically benefit from BranchCache. Examples of these applications include SharePoint 12, Windows Media Player, Internet Explorer, Flash, Silverlight, Windows Explorer, Robocopy, and CopyFile.
BranchCache also supports network security protocols such as SSL and IPsec. Therefore, it maintains the integrity of information in transit.
Depending on where the cache is stored, BranchCache can operate in one of the two modes: Distributed or Hosted.
In the Distributed Cache mode, content is cached on computer of the requesting users. Copies of these files are sent to other Windows 7 clients as and when they are requested. In this configuration, improving performance is as easy as enabling BranchCache on the Windows 7 computers and on Windows Server 2008 R2 servers at the headquarters. In the Hosted Cache mode, files are cached and retrieved from a server in the branch office running Windows Server 2008 R2. This configuration provides more reliability and availability.
In this way, BranchCache in Windows 7 Enterprise and Windows Server 2008 R2 helps users in branch offices quickly connect to the information they need to be productive, while reducing the load on the WAN to help keep businesses running smoothly!
Huge thanks to Devrim Iyigun on the Windows 7 product team for putting together this post.
I liked it very much at the moment windows 7 users everywhere began to be glad it will be as soon xp thank you for your writing
With the increase in the number of mobile users, growing organizations are finding it difficult to maintain connectivity with their mobile workforce, when they are not connected to the network. This has an adverse impact on the productivity because..
Pingback from Twitter Trackbacks for Understanding Anywhere Access with Windows 7 - Springboard Series Blog - The Windows Blog [windowsteamblog.com] on Topsy.com
This post was mentioned on Twitter by adacosta: RT @MSSpringboard Understanding Anywhere Access with Windows 7: http://bit.ly/1PMfXC ^AT