Network Access Protection for non-Network Admin

Network Access Protection (NAP) provides components and an API to help enforce health compliance for systems connected to the network.  Most IT administrators have been exposed to managed anti-virus solutions where a central server pushes out new anti-virus signatures.  Or perhaps you've been exposed to SUS / WSUS or another hot fix management system that allows […]

Network Access Protection (NAP) provides components and an API to help enforce health compliance for systems connected to the network.  Most IT administrators have been exposed to managed anti-virus solutions where a central server pushes out new anti-virus signatures.  Or perhaps you've been exposed to SUS / WSUS or another hot fix management system that allows you to deploy patches from a central location via the Automatic Updates service built into the operating system.  You might have some experience managing the Windows Firewall through group policy and ensuring that the firewall is correctly configured to prevent wide open access to the system or the network.  The problem in the past is that these are all disparate systems with their own back-end servers, management tools and reporting.  Enter NAP.  Using NAP, you can create solutions to validate that systems connected to your corporate network comply with your IT policies.  With a NAP infrastructure, the following benefits are available:

  • Configure system health requirements for NAP-capable systems
  • Specify access enforcement behaviors, including monitoring of the access and communications attempts and recording them for ongoing / forensic analysis
  • NAP-capable systems can update themselves to become compliant (when they initially connect to the network) and then they can download updates / change settings to remain compliant

Full Article

Additional Resources: