DirectAccess requires a Public Key Infrastructure (PKI) to provide X.509 certificates for security. DirectAccess requires a range of certificates, including server and client certificates, IPsec certificates. Certificates for Microsoft Forefront Unified Access Gateway (UAG) etc.
The design also has requirements for Autoenrolment and manual enrolment. There are additional requirements for internal and external CRL publication points. Further consideration should be given to use suit B cryptographic algorithms etc.
In real terms, DirectAccess has a huge appetite for properly configured certificates; they have to be derived from a fully compliant PKI.
Contact us for information on how to get your DirectAccess design deployed correctly with the correct PKI certificates and CRL publication points.