Geeks With Blogs
Matt Campbell

A recent Channel 9 interview sparked my interest in a new technology called NAP (Network Access Protection) which will be integrated into Windows Server 2008 when it ships next year.

In the interview Jeff Sigman, and Brent Atkison discuss why they created NAP, and how they went about deploying it across Microsoft.

NAP is a technology for controlling network access of a computer host based on the system health of the host by using a variation of health validation servers.

With Network Access Protection, system administrators of an organization's computer network can define policies for system health requirements. Examples of system health requirements are whether the computer has the most recent operating system updates installed, whether the computer has the latest version of the anti-virus software signature, or whether the computer has a host-based firewall installed and enabled. Connecting or communicating computers have their health status evaluated. Computers that comply with system health requirements can communicate with other compliant computers and have normal access to the network. Computers that do not comply with system health requirements will be unable to communicate with compliant computers and can have restricted access to the network.

The one question I had was what the difference was between NAP and any standard NAC applicance.

Jeff replied back stating the differences between the two:
1.) Integrated client available in XP SP3 and Vista.
2.) Able to enforce NAP orthogonally to the logged-on user (since it is an NT service).
3.) 3rd parties can build on top of client and server and extend the scope of what "health" means.
4.) The TCG adopted our Statement of Health (SoH) protocol as a standard - anyone can read the standard and interoperate.

It seems to be a very interesting technology, and I will be testing and fooling around with it here soon as I just downloaded the RC0 build of Windows Server 2008. If you would like to learn more, you can check out the teams blog, the homepage or check out this informative webcast - an introduction to NAP.

Posted on Sunday, October 14, 2007 1:32 AM Microsoft | Back to top

Comments on this post: NAP: Network Access Protection

No comments posted yet.
Your comment:
 (will show your gravatar)

Copyright © Matt Campbell | Powered by: