Which connection mode should I use with AS & VDS?

Direct Mode

If clients have direct physical server access, clients can use the Direct Mode connect to a 2X SecureClientGateway through port 80 (1). The client and gateway then negotiate data to establish a session, after which the client initiates an RDP session with the Terminal Server or VDI Host. The client will disconnect from the gateway and establish a new session with the server (2). Direct Mode is the most efficient connection mode, since the gateway is temporary with a minimal data load.

Regular Gateway Mode

With the Regular Gateway Mode, clients also connect to the 2X SecureClientGateway on port 80 (1), negotiate with the gateway to establish a session, and start an RDP session with the Terminal Server or VDI Host. However using this mode, the RDP session is tunneled on top of the first connection. The gateway establishes a connection to the server (2) and forwards RDP requests from the client. This connection mode is ideal when the clients lack direct access to physical servers and no special security requirements are needed.

SSL Mode

In this mode, clients connect to a 2X SecureClientGateway on port 443 (1). Once an SSL tunnel is established, the client and gateway negotiate enough information to establish a secure session and the client starts an RDP session with the Terminal Server or VDI Host, the RDP session is tunneled on top on the first connection. This connection mode is optimal when the clients lack direct access to physical servers and high security safeguards are required.

In short, if your clients have direct access to terminal servers or VDI hosts, the Direct Mode is optimal, resulting in a lighter gateway load. If clients cannot reach the servers directly, users can choose between the Regular Mode and SSL Mode, depending upon what level of security is required.