Network Access Protection (NAP) System Health Agent/Validator (February 12, 2007)
Chat Topic: Network Access Protection (NAP) System Health Agent/Validator (SHA/SHV) SDK
Date: Monday, February 12, 2007
Christian (Moderator):
Hi everyone- welcome to today’s chat
Christian (Moderator):
Today’s Chat topic: Network Access Protection (NAP) System Health Agent/Validator (SHA/SHV) SDK
Christian (Moderator):
Your questions, comments and feedback are welcome. We’ll get started in a few minutes.
Christian (Moderator):
We are pleased to welcome our Experts for today’s chat. I will have them introduce themselves now…
atacanc [MSFT] (Expert):
I am Atacan Conduroglu. I work in NAP test team and am responsible for NAP graphical user interface.
Kevin [MSFT] (Expert):
Hi, my name is Kevin. I am the Program Manager for Network Access Protection.
Greg Lindsay [MSFT] (Expert):
Hello, my name is Greg Lindsay and I am a technical writer for NAP.
Howard Lee[MSFT] (Expert):
Welcome to the webchat. I'm a test engineer and have been working on NAP for 3 years. I'm responsible for a few NAP test tools.
Christian (Moderator):
Please feel free to begin asking your questions and remember to check the “ask the experts” box before sending. Thanks.
Introductions
Lambert [MSFT] (Expert):
Hi, my name is Lambert, I am tester for NAP.
Chris [MSFT] (Expert):
Hello all, I'm Chris Edson; I'm a tester on the NAP team and have worked with NAP for several years now.
Ambrish [MSFT] (Expert):
Hi Everyone! I am Ambrish, developer on NAP team.
Howard Lee[MSFT] (Expert):
This is a webchat for Network Access Protection. For questions outside of our scope, please go to the newsgroup or web forum on technet.
Howard Lee[MSFT] (Expert):
You may find newsgroups and web forums on http://www.microsoft.com/technet/community/default.mspx
Start of Chat
atacanc [MSFT] (Expert):
Q: Is NAP available for .NET?
A: There is no .Net specific objects or interfaces for programming SHA/SHV’s. But the interfaces are COM interfaces and , with .NET com-interoperability one can use .NET library and languages to write their own SHA/SHV.
Howard Lee[MSFT] (Expert):
Are the SDK samples intuitive and simple to follow?
Howard Lee[MSFT] (Expert):
Q: I am trying to catalog all security enhancements in Vista as compared to XP. It appears as if all NAP clients are connected via VPN/IPSEC to Longhorn server on the network. Is this the only environment, and if so, is there any advantage for Vista client?
A: There are other environments: DHCP, 802.1x, RAS.
Chris [MSFT] (Expert):
Q: Are there any samples/examples for implementing the UI component for an SHV that hooks into NPS?
A: If you are a member of the TAP program (and have access to Beta builds and prior SDK samples for NAP) then an update will be forthcoming with the Longhorn Server Beta 3 version of the Platform SDK - and it will include an example of how to use the SHV configuration UI APIs. We may also be able to post it prior to Beta 3 on the MSConnect site (as we've done with prior sample updates), but I'll not guarantee that as yet. Look for it for sure in the Beta 3 SDK.
Chris [MSFT] (Expert):
Q: I am trying to catalog all security enhancements in Vista as compared to XP. It appears as if all NAP clients are connected via VPN/IPSEC to Longhorn server on the network. Is this the only environment, and if so, is there any advantage for Vista client?
A: IPSec can also be used independently of VPN.
Howard Lee[MSFT] (Expert):
Q: Do you find the SHA/SHV interfaces comprehensive for your purposes?
Kevin [MSFT] (Expert):
Q: In the VPN/IPSEC, DHCP, 802.1x, and RAS environments, are there any features that access advanced features of Vista clients? Can I set up a network for only Vista laptops, for example?
A: What advanced features are you referring to? NAP allows you to create requirements that a client must meet before it is allowed on the network. For example, if the network health policy requires Windows Vista to be the operating system to be defined as "healthy" then network access could be restricted to only machines with that OS.
Howard Lee[MSFT] (Expert):
Thank you for participating in our webchat.
Chris [MSFT] (Expert):
We also have a NAP forum where you can ask us questions directly should you run into troubles - http://forums.microsoft.com/TechNet/ShowForum.aspx?ForumID=576&SiteID=17
Christian (Moderator):
Thanks to everyone for joining today's chat and thanks to the experts for being here to answer questions.
Chris [MSFT] (Expert):
Our public MSDN reference to the NAP SDK is http://msdn2.microsoft.com/en-us/library/aa369712.aspx.