I have to disagree a little bit :)
Rich's post is true and when you enable VPN on a DirectAccess server it does force all of the IP-HTTPS connections to be doubly encrypted, which does cause slowness. But, once you start using DirectAccess you'll find that the majority of your connections
would probably be IP-HTTPS anyway. Having Teredo enabled is always something that I shoot for in any installation, but it's not always possible. You need to have public IP addresses on the External NIC of the DirectAccess server (this implies you need to run
two-NIC mode - which I absolutely recommend anyway - I've had too many bad experiences with single-NIC mode to ever recommend it for a production environment). As soon as you NAT traffic coming into a DA server, Teredo is off the table. Also, most people turn
on DA by using the Getting Started Wizard, which also disables Teredo. Even in cases where Teredo is available on the DA server side, anytime that the client is sitting on an ISP connection that blocks UDP, which is the case more and more with port restricting
routers being installed into hotels and coffee shops and everywhere, Teredo isn't going to be able to connect in that situation anyway and the client will fall back onto using IP-HTTPS. I only make these points to show that most DA installs are running IP-HTTPS
only, and the speed is not unusable.
When you compare Teredo and IP-HTTPS side by side, yes Teredo is faster on the client side. But speed of DA, as with any VPN, matters quite a bit on the client's internet connection. A slow internet connection is going to equate to a slow DA connection,
no matter what transition protocol is carrying their IPsec tunnels.
I know many companies who use combination DA/VPN servers for their only remote access solution, and are very happy with it, both Windows 7 and Windows 8, usually a combination of the two.