NAP Time With Windows Server 2008 [70-680 Direct Access and VPN Connections]

Emma Nelson recently posted an article over on the Windows Server HQ website regarding Network Access Protection. I would recommend review the article in it’s entirety.

As part of the Windows 7, Configuring Exam (70-680) you’re going to need to have a good understanding of now NAP works and how it affects users that are connecting via Direct Access or via traditional VPN connections. NAP can also be used on the LAN as well.

Windows Server 2008 uses NAP to restrict network access based on a system by system basis by performing a health assessment check on each computer that connects to the corporate network.

If the client system meets the health benchmark by passing the health assessment check it is granted access the network.

If the computer is in noncompliance, NAP is generally configured to block those systems from accessing the network until they can be made compliant with the health policy.

For the most part there is a set of criteria that is set through the Windows Security Health Validator (WSHV) that can be used to verify that a system meets the health benchmark for a given network which can include the following:

• Verifying that Windows Update is enabled
• Verifying the state of approved software updates and whether they have been installed
• Verifying the state of the firewall client, if it is enabled
• Verifying the state of the anti-virus client and if it is running and the most recent approved definitions are installed
• Verifying the state of the anti-spyware client, if it is running and the most recent approved definitions are installed

You can find out more about NAP from the Network Access Protection TechCenter

Technorati Tags: 70-680,70-680 Windows 7,Windows 7,NAP,MCITP,MCP,MCSE,MCSA,MCTS,Windows Server 2008