Moving to an always connected world


I was browsing through some of the PDC reporting, when this announced feature of Windows 7 caught my eye; DirectAccess. It’s supposed to be a VPN which you don’t have to set up, it just magically works.

Really? I didn’t know that VPN’s were so hard to set up. My personal experience is with managing OpenVPN (on Windows and Linux), but I also used Windows VPN’s with PPTP (again with Windows and Linux clients). It newer took more than 5 minutes to set up, this is counting the installation of software!

In MS view are Windows sysadmins so incompetent that they need a magic pixiedust one-click-does-it-all solution? And if yes, do they think that the same sysadmins who will enable this have any idea about security? “Access all of your network shares from anywhere” – this includes from a stolen laptop.

There needs to be a barrier of complexity for such software, which makes the person who is setting it for the first time read the documentation and hopefully get a few security tips on the way.

, , ,

2 responses to “Moving to an always connected world”

  1. > In MS view are Windows sysadmins so
    > incompetent that they need a magic
    > pixiedust one-click-does-it-all
    > solution?

    In the MS view there is no systems administrator, just a user who has access to the Administrator account.

    That's not so much intentional as it is a realistic view of the Microsoft customer space.

  2. @padraig: I agree with you. However making it so that they can enabled/disable a feature which has such a wide ranging security implications with a mouse click is a step in the wrong direction (IMHO).

    If they need to read documents where it is clearly spelled out that you shouldn’t do X there might be a chance that they won’t do X (then again, this might be the equivalent of “are you sure” messageboxes where everyone clicks yes without thinking…)

Leave a Reply

Your email address will not be published.