• whitepaper-hotpin
  • whitepaper-wsa
  • whitepaper-msa
  • whitepaper-cesa

Secure and Seamless Access Across Physical, Virtual, and Cloud Servers.

  • An Integrated platform that delivers comprehensive, consistent, and secure connectivity across the datacenter and into the cloud for mobile users, on-premises staff, and distributed offices
  • Unified Remote Access for on-premises traditional connectivity (Traditional RRAS based VPN, Microsoft DirectAccess, Web Application Proxy) for enterprise devices as well as BYOD application support
  • Turnkey deployment and a single management interface
  • Reporting, Alerting, and Monitoring
  • Secure remote access to applications in the cloud and on-premises
  • Site-to-Site VPN access between private and public clouds, or multi cloud
  • Makes your cloud migration journey secure through end-to-end auditing and monitoring of connectivity

Product Overview

Today, with the rise of cloud computing, we have a redefined vision of IT. Organizations are increasingly diversifying their IT infrastructure and moving from physical to a mix of physical, virtual, and cloud environments. This transformation in the datacenter is bringing new challenges in getting secure and consistent connectivity across different IT systems, cloud services, and plethora of devices. In virtualized and cloud computing environments, legacy perimeter security solutions are not fully equipped to provide seamless connectivity, critical for utilizing the benefits from scalable, agile, and cost effective cloud infrastructure.


Cloud Edge Security   CelestixEdge E & VE Series Appliances bring the power of the Microsoft Cloud OS into your datacenter. Cloud operating systems and services are now critical, even within private datacenters. Microsoft’s Cloud OS platform tightly integrates with the CelestixEdge Appliances. Our dedicated Cloud OS hardware and management experience extends the best of Microsoft’s battle-tested Cloud OS software, based on Windows Server 2012 R2, into a completely integrated hardware and software platform.



The tightly integrated features of the CelestixEdge Appliance ensure secure and seamless connectivity across datacenter and cloud resources.

  • Unified Remote Access
    Various remote access infrastructure components such as traditional client-based remote access VPN as well as Microsoft DirectAccess are consolidated to provide different connectivity options from a single appliance without the hassle of dealing with different cross-vendor solutions.
  • Microsoft DirectAccess provides secure, always-on connectivity for Windows 7/8/8.1
    DirectAccess helps users to experience the full corporate environment from any location through any internet connection. All assets from intranet websites to line-of-business applications are accessible to the user without any need to connect manually to the enterprise. This reduces connection problems, productivity bottlenecks, and IT support cases. “Always-on” remote management also ensures that all devices are updated and in compliance with group policy at all times. 
  • Traditional cross-platform VPN for Windows, Android, Mac OSX, and iOS access
    Clients using non-Windows devices or those not using the enterprise version of Windows 7/8/8.1 can fall back on traditional VPN for their remote access requirements.
  • HOTPin multifactor authentication integration out-of-the-box
    Celestix HOTPin two-factor authentication integrates with the CelestixEdge Appliance to provide a simple solution to complex password requirements and maximizes security.
  • Web Application Proxy for secure on-premises website access and identity federation
    Web Application Proxy allows administrators to publish applications selectively for external access. It enables end users to access these applications from outside the corporate network using any device. Web Application Proxy pre-authenticates application access with Active Directory Federation Services. It also provides reverse proxy functionality to provide seamless application access to users. It can also be deployed in conjunction with DirectAccess and VPN to provide a comprehensive remote access solution supporting both managed and non-managed devices.
  • Work Folders
    Work Folders that can be used to store and access work files on personal computers and devices from anywhere. For BYOD environments, Work Folders can be a very simple and easy way to access important files. 
  • Workplace Join
    With the explosion of smartphones and tablets, organizations have been debating the benefits and security risks of adopting a bring-your-own-device (BYOD) policy. Workplace Join enables simplified registration of personal and corporate devices, empowering organizations to provide a seamless sign-in experience to company resources from trusted devices.

    Workplace Join works in conjunction with Web Application Proxy by letting users register their personal devices with Active Directory. Organizations can even drive conditional access to applications for these Workplace-Joined devices based on their attributes stored in the directory.

  • Hybrid cloud connectivity between private and public clouds
    Site-to-Site VPN enables access between private and public clouds, or multiple cloud providers by establishing a secure connection from an enterprise datacenter to the cloud infrastructure. This allows users to access resources across clouds without having to explicitly establish individual VPN connection to them.
  • Remote Desktop Gateway for complete and secure remote desktop connectivity
    Remote Desktop Gateway enables authorized users to connect to remote computers on a corporate network from any computer without creating a VPN connection. It uses the Remote Desktop Protocol (RDP) along with the HTTPS protocol to help create a more secure, encrypted connection. Remote Desktop Gateway allows you to share a network connection with other programs running on your computer enabling you to send and receive data over the remote connection.
  Tell us more about your project.

DirectAccess – A Remote Access Solution that Enhances Security and Reduces IT Support Cost

DirectAccess provides a highly secure remote access alternative to client-based VPN while at the same time reducing management and support costs for field-based assets. It is a unique solution designed exclusively for managed Windows clients supported on Windows 7, 8 and 10 Enterprise version.


DirectAccess Highlights

  • Remote users experience full network access as though they are sitting in a corporate office, resulting in greater productivity and reduced helpdesk calls/tickets
  • DirectAccess enables domain-joined devices to connect automatically and securely to the corporate network, using an internet connection
  • With DirectAccess, the remote device automatically connects to the network and is identified and authenticated before the user has even logged on
  • DirectAccess provides seamless, transparent, always-on, and bi-directional secure remote access

Benefits of DirectAccess

Increased Security

DirectAccess is inherently more secure than traditional client-based VPN. This is due to a number of factors. First, a DirectAccess client must be joined to the corporate domain, as its Active Directory computer account is used as a part of the authentication process. In addition, the client must also have a computer certificate issued by the organization’s internal private Public Key Infrastructure (PKI). For additional protection, organizations can choose to also integrate existing smart cards (physical or virtual) or a dynamic one-time password (OTP) solution. All of this provides a high level of assurance that only authorized devices can establish secure remote corporate network connectivity.

Enhanced Compliance

DirectAccess is always on, allowing administrators to exercise a greater degree of control and management of their remote devices. It ensures that remote computers receive regular security updates, thereby decreasing vulnerability to malware attacks and avoiding regulatory compliance problems.

Ease of Use & Reduced Support Costs

DirectAccess provides an unrivaled user experience over VPN. The remote access connection is established securely at the machine level, freeing the end user from the cumbersome process of having to establish a VPN connection when they realize they need it, to access on-premises corporate resources. This makes users more productive while also reducing potential help desk calls/tickets.

Simplified Provisioning and De-provisioning

Onboarding DirectAccess clients is a simple as adding a computer’s account to a security group in Active Directory. All client configuration settings are applied to the client through Group Policy Objects (GPOs). There is no software to install and maintain on the DirectAccess client.

Reduced Cost on Network Bandwidth

Conserve expensive network bandwidth by using DirectAccess. Unlike VPN that uses corporate WAN, DirectAccess routes these connections directly to the internet without using up WAN.



What's New in 2.0


New Re-Designed Remote Access Dashboard

The new re-designed dashboard provides simplified monitoring for Remote Access services and client connections from a single screen in the Comet web user interface. Graphical tools offer easy reference, and statistical data summarizes Direct Access & VPN usage.


New enhanced and mobile-friendly Celestix Comet Management User Interface

Access and manage CelestixEdge appliance through a simple and intuitive web-based user interface, Comet. All the components that are required to configure and deploy your DirectAccess, VPN, WorkFolders, Web Application Proxy are provided in this management tool.  

The new interface is HTML 5 based, and can be administrated securely on any mobile devices.


DirectAccess Kill-Switch

This is a feature not available in the standard Windows Server 2012 R2 DirectAccess. When enabled, the kill-switch will instantly disconnect the DirectAccess connection to the corporate network, in the event the mobile device or notebook computer is compromised or lost.  


New wizards for Web Application Proxy and Work Folders

Now you can configure Web Application Proxy and Microsoft Work Folders for your mobile works in just a few minutes. The wizard is a step-by-step workflow that guides you through the necessary steps to configure the tasks out of the Celestix management interface, without running PowerShell scripts.  


Live Monitoring of Remote Access Connections

Access and monitor the active DirectAccess and VPN tunnels’ statistics in real times. Monitoring of DirectAccess and VPN clients can be done on an on-demand basis, to get a feel of how your current remote access performance is impacted by the number of concurrent users and clients.


Web Management Tool | Comet

Access and manage CelestixEdge E/VE Series appliance through a simple and intuitive web-based user interface, Comet. With a diverse suite of network connectivity options, the E / VE Series reduces administrative overhead of both set up and management for any type of infrastructure, whether it be on-premises, virtual, or cloud.

Functional Overview

  • One click to install a major service (ADFS/Device Registration Service, NPS, DirectAccess/VPN, Web Application Proxy, Remote Desktop Gateway, Remote Desktop Web, Work Folders).
  • Mobile device friendly.
  • Quick access to service status and client usage information.
  • Enhanced reporting for monitoring and compliance requirements.
  • DirectAccess connection Kill-Switch for notebook or device that is compromised or lost.
  • Efficient troubleshooting for DirectAccess client connections.
  • Streamlined connection to Remote Access advanced management.
  • The web user interface supports the latest version of popular browsers (Internet Explorer, Chrome, Safari, Firefox).

Ease of Management

Celestix appliances are preconfigured with Windows Server 2012 R2 and are ready to deploy once unpacked. Administrators can forego the time-consuming* tasks of installing the OS and building the server. Instead, they get to focus immediately on configuring features.

The new release is packed with functionality like simplified configuration, enhanced reporting, and remote monitoring. Once configured, administrators can monitor and manage features from a work station; no need for KVM or RDP access to the appliance.


Feature Details

One-Click Feature Installation

Remote Access functionality includes multiple options, some of which require additional services that can introduce conflicts. Setting up the E / VE Series offers convenient installation for Remote Access roles, and doesn’t allow incompatible features to be configured. Each deployment strategy will customize the available options as best suited to organizational needs. Necessary features are enabled or disabled with one click.

Remote Access Dashboard

Infrastructure maintenance requires evaluation and oversight. The dashboard provides simplified monitoring for Remote Access services and client connections from a single screen in the Comet web user interface. Graphical tools offer easy reference, and statistical data summarizes Direct Access & VPN usage.


Enhanced Reporting functions.

Metrics are essential for IT controls, and are useful for evaluating progress towards Remote Access strategy objectives. Four predefined reports include date and output customization for oversight, auditing, and compliance requirements.


DirectAccess Client Diagnostics

Troubleshooting when clients are unable to connect to the corporate network using DirectAccess can be challenging. The E / VE Series include a tool by Microsoft to collect client-side data which is automatically uploaded as a log file to the appliance. Administrators can review log data online or download it as report. The tool is a simple application end users download and then double-click to run.

Remote Application

If administrators require advanced configuration, the E / VE Series include a convenient link for quick access to the Windows Server Remote Access management console.

*For more information on the benefits of choosing an appliance, read the whitepaper.

CelestixEdge VE Series - Unified Remote Access Solution for Virtual Environments 



button_download your free trial today    

Now Get the Enhanced Unified Remote Access and DirectAccess Features on your Virtual Infrastructure 

The CelestixEdge solution offers unrivaled expertise and experience to simplify the implementation and ongoing management of Microsoft remote access solutions. The VE Series of CelestixEdge extends flexibility and ease of deployment in virtualized environments, where deploying our secure remote access solution as an appliance form factor is not feasible or cost-effective. The CelestixEdge VE Series supports the exact same features as available on CelestixEdge E Series appliances.  

Have DirectAccess already installed on your virtual infrastructure? 

Overlay our virtual solution on top of your deployment to take advantage of our feature-rich web-based user interface that provides enhanced reporting, alerting, and remote monitoring capabilities. 

Want to enable cross-premises network connectivity to public, private and hybrid cloud providers?

The CelestixEdge virtual edition simplifies deployment in the cloud. 

CelestixEdge VE Series Benefits

Flexible Deployment 

Readily download and install the CelestixEdge VE series onto your virtual or physical servers using an turnkey installer. The software solution offers unmatched capabilities to rapidly provision unified remote access solution across your on-premise or datacenter locations. 

IT Cost Reduction 

Compress your datacenter footprint by deploying the VE Series.  No additional rack space or power resources required for the installation. Makes it simple for IT to cut costs, optimize resources, reduce power consumption and improve operational efficiencies. Frees you from managing hardware and lets you focus on managing your network. 

Easy Installation and Automatic Updates 

With our purpose-built software engine – Comet, get advanced configuration of role and feature settings. Install a major remote access service – ADFS/Device Registration Service, NPS, DirectAccess/VPN, Web Application Proxy, Remote Desktop Gateway, Remote Desktop Web, Work Folders in one click.  Enable automated updates to receive software updates and security patches automatically. 

Geo-Redundancy /Prevent downtime/Increase uptime 

Setup for high availability, enable network uptime and geo-redundancy with the virtual instances strategically placed in multiple locations. 

Enhanced Reporting and Remote Monitoring 

Get interactive drill-down reporting using Celestix Comet dashboard. Graphical tools offer easy reference and statistical data summaries of Direct Access & VPN usage. Obtain quick access to service status and client usage information. DirectAccess session termination and automated DirectAccess client troubleshooting; features not available in the standard Windows Server 2012 R2 DirectAccess.  

Support Organization 

Take advantage of our support organization – Celestix Networks offers professional services to assist you with the planning, design, configuration, and implementation of a DirectAccess solution. Our dedicated knowledge support team helps you resolve and troubleshoot your virtual environments. 

Security Hardened 

Locked down virtual environment based on industry security best practices. 

Specs and Requirements 

Hypervisor: Any SVVP certified hypervisor  

SVVP reference:  https://support.microsoft.com/en-us/kb/957006

Server Recommendations  

  • – Operating System: Windows Server® 2012 R2  

  • – CPU (Processor): 2.8 GHz or greater with 4 core  

  • – RAM (Memory): 8 GB or greater   

Browser Requirements  

  • – Google Chrome 40.0 or higher  

  • – Microsoft Internet Explorer 10.0 or higher  

  • – Mozilla Firefox 7.0 or higher  

  • – Safari 5.0 or higher 

Why Deploy CelestixEdge Series?

CelestixEdge E  & VE Series offer dedicated hardware and management software, for end-to-end management of secure access to on-premises and cloud resources. This out-of-the-box solution reduces the cost and complexity of tying together diverse connectivity options. It empowers IT administrators to handle datacenter and cloud workloads smoothly; to support employees wherever they work; and to integrate employees’ personal mobile devices into the enterprise fabric.

Benefits of deploying Microsoft DirectAccess on a Celestix E / VE Series appliance

  • Purpose-built appliance – does not require the level of expertise that do-it-yourself solutions require, they reduce the time to deploy them while reducing total cost of ownership. Administrators are not required to source and procure all the different hardware components, assemble the device, install and harden the operating system, and install and configure the application. Administrators can achieve higher performance with optimized hardware and software.
  • Improved Celestix COMET software engine is the heart of the appliance. The new and improved purpose built software engine and management console is a single interface to manage appliance and software components. It provides an intuitive and feature rich web UI that allows for advanced configuration of role & feature settings and provides automated updates.
  • Enhanced Resilience – Ability to clone HDD profiles as well as integrated back-up and restore functionality for disaster recovery. Hardware-integrated backup and restore functionality for disaster recovery, including off-box HDD cloning.
  • Jog Dial, LCD display and front facing ports enable fast, easy setup, management, and monitoring.
  • Simple Deployment – A pre-configured and standardized platform to reduce time of deployment.
  • Quick Installation – No additional staff time is required to configure and manage CelestixEdge appliance, and the hardware is fully packaged to minimize the burden on your IT staff.
  • Single Source Procurement and Technical Support – Celestix supports every layer of the solution, eliminating problems with hardware compatibility or operating system patches. From hardware and operating system to programs like Advanced Hardware Replacement, customers benefit from the power of one vendor.
  • Out-of-band management – Administrators can monitor the appliance through a dedicated management interface to configure and manage the appliance and remotely power on or power off the device.

Frequently Asked Questions

  • What is Celestixedge Security?

    The CelestixEdge security is a dedicated, purpose-built hardware appliance delivering the Windows Server 2012 R2 Unified Remote Access role including Microsoft DirectAccess. It is a platform that is designed to reduce deployment time, streamline management, and improve performance. The heart of CelestixEdge is the Comet appliance management engine, which has been completely rewritten for CelestixEdge 2.0.

  • Is the appliance accessible via Remote Desktop Protocol (RDP)?

    Yes. Although nearly all aspects of the appliance can be configured and managed exclusively using the Comet 2.0 web-based management interface, there are scenarios where having access to the appliance desktop is required.

  • How do I troubleshoot connection issues?

    Comet 2.0 includes an enhanced diagnostic tool that is designed to streamline and simplify DirectAccess client connectivity troubleshooting. You can provide an end user with the link to the diagnostics page (published using an existing reverse proxy). When a user navigates to the page and clicks on the link to the troubleshooting tool, diagnostics will run on the client and then output will be uploaded to the appliance for review.

  • Can reports be exported?

    Yes. Reports can be exported in either PDF or CSV file formats.

  • Is historical reporting available?

    Yes. Historical activity reports can be access by clicking Remote Access Reports under the CESA section in the main dashboard. By default, all historical activity is displayed. Additional details can be found by clicking on an individual entry. Data can be filtered by selecting one of the Filter options, including start time, user name, hostname, connection type, and protocol. An additional search field is included to perform custom queries.

  • What options are available for remote access session management?

    Comet allows you to proactively terminate active remote access sessions. This feature is not available using the native Microsoft management tools. There are three options for disconnecting a session. Reset Connection terminates the active session and forces the client to reconnect. Disable will deactivate the client’s Active Directory (AD) computer account and terminate the active session, temporarily preventing the client from reconnecting until the account is re-enabled. Remove will delete the client’s AD computer account and terminate the active session.

  • How do I view currently connected users?

    The Remote Access Dashboard provides an instant view of current remote access connectivity on the Celestix E Series appliance, and includes intuitive charts and graphs, broken down by the number and types of connections made. Clicking on the Active Connections icon will show current remote access connections. Additional detailed information about a specific connection can be found by clicking on any entry in the list.

  • Where can I install new features in Comet 2.0?

    Clicking Features under the CESA section of the main dashboard allows you to install or remove features supported by the appliance.

  • What disaster recovery features does Comet 2.0 provide?

    Comet 2.0 provides support for creating appliance images (snapshots) that can be restored in the event of a configuration error or disaster event. Images can be performed online or offline. Images can be viewed, restored, deleted, and scheduled using Comet 2.0. Current imaging status information is also available.

  • Where can I view system performance information?
  • What are the network configuration options?

    All networking can be configured using Comet 2.0 by clicking Network under the System section on the main dashboard. You can view current status and manage configuration, including IP address assignments. In addition, you can access global settings such as DNS suffix information and the HOSTS file, the routing table, and view and configure static routes.

  • Where can I Get additional information about Comet 2.0?

    Comet 2.0 features a robust online help system that includes detailed, contextual information about Comet 2.0 and the appliance. It can be accessed at any time by clicking Help at the top of the screen.

Join to Workplace from Any Device for SSO

Both Work Folders and Workplace Join can be enabled easy via Celestix Comet Web User Interface.

Work Folders

With Work Folders users can store and access work files on personal computers and devices, often referred to as bring-your-own device (BYOD), in addition to corporate PCs. Users gain a convenient location to store work files, and they can access them from anywhere. Organizations maintain control over corporate data by storing the files on centrally managed file servers, and optionally specifying user device policies such as encryption and lock-screen passwords.

Work Folders can be deployed with existing deployments of Folder Redirection, Offline Files, and home folders. Work Folders stores user files in a folder on the server called a sync share. You can specify a folder that already contains user data, which enables you to adopt Work Folders without migrating servers and data or immediately phasing out your existing solution.

Workplace Join

By using Workplace Join, information workers can join their personal devices with their company’s workplace computers to access company resources and services. When you join your personal device to your workplace, it becomes a known device and provides seamless second factor authentication and Single Sign-On to workplace resources and applications. When a device is joined by Workplace Join, attributes of the device can be retrieved from the directory to drive conditional access for the purpose of authorizing issuance of security tokens for applications. With Celestix Cloud Edge, Windows 8.1 and iOS devices can be joined by using Workplace Join.

Screen Shots


Models & Editions


Celestix E3400 Celestix E6400 Celestix E8400
Models E3400 E6400 E8400
Type of Business Designed for small to mid-sized enterprises Designed for large and multinational enterprises Designed for large and multinational enterprises
Recommended Users Below 500 concurrent users 500 to 3,000 concurrent users Up to 5,000 concurrent users
CPU Intel i5 Intel E3 2 x Intel E5
Memory 8GB 16 GB 16 GB
Hard Drive SATA-III Hard Drive 2 x SATA-III hot-swappable hard drive 4 x SATA-III SSDs hot-swappable hard drive
Disk Mirror RAID RAID 1 RAID 10
Gigabit Ethernet Ports 6 6 8
Power Supply 220W auto-switching universal 110/220V AC power supply Redundant hot-swappable power supply – 2 x 500W Redundant hot-swappable power supply – 2 x 500W
Dimensions (H x W x L) 1.75″ x 17.3″ x13.0″ 1.75″ x 17.3″ x 15.7″ 3.5″ x 17.4″ x 26″

VE Series

Models VE3400 VE6400 VE8400
CPU 4 Core 4 Core 8 Core
Number of Processors 4 Cores 4 Cores 12 cores (hyperthreading)
Memory 8 GB 16 GB 32 GB

Technical Library

Hardware Documentation


Contact Us

Contact Us

Try our Live Chat