An enterprise DirectAccess deployment presents many opportunities to deploy LoadMaster products to eliminate single points of failure and to provide fault tolerance and high availability. The LoadMaster can be deployed to provide load balancing for the following DirectAccess infrastructure components:

  1. DirectAccess Server: The DirectAccess server is the gateway between the corporate network and remote DirectAccess clients. DirectAccess clients are configured using group policy to establish DirectAccess sessions with the gateway. The DirectAccess server itself is a single point of failure and should be configured in a highly available cluster using the LoadMaster.
  2. Network Location Server: The Network Location Server (NLS) is used by DirectAccess clients to determine if they are inside or outside of the corporate network. When a DirectAccess client first establishes network connectivity, a probe is sent to the NLS. If the NLS does not respond, the client attempts to establish DirectAccess connectivity. If the NLS is offline for any reason (planned or unplanned) DirectAccess clients on the internal network may lose connectivity to corporate resources until the NLS is back online. To prevent service disruption, the NLS should be made highly available using the LoadMaster.
  3. Global Load Balancing for DirectAccess: DirectAccess supports multisite deployments, where multiple DirectAccess entry points can be configured in different geographic locations to provide redundancy. Windows 8.x and later clients can automatically select the best entry point to use and can also fail over to another site if their existing location becomes unavailable. The site selection logic used by the client is quite simplistic, however. Organizations will benefit greatly from the use of the LoadMaster GEO feature to provide more intelligent site selection for Windows 8.x clients.
  4. Global Load Balancing for NLS: DirectAccess uses a single Fully Qualified Domain Name (FQDN) for NLS. A minimum of two NLSs configured for load balancing is essential to ensure the highest levels of availability. In some cases, network location servers will be located in different geographies, and it might be desirable to have DirectAccess clients connect to the NLS closest to them. The LoadMaster GEO feature can be used to provide intelligent traffic routing for internal DirectAccess clients accessing the NLS, ensuring that clients always connect to a local NLS.
Note: Users should note that, Progress Kemp supports “Split DNS”. We do not, currently, support “Force Tunneling”.