Network Location Awareness

  • Article

Network Location Awareness allows Group Policy to respond better to changing network conditions. One main benefit of the Network Location Awareness feature is the end of the reliance on the ICMP protocol (PING) for policy application.

Network Location Awareness ensures client computers are both aware of and responsive to changing network conditions and resource availability. With Network Location Awareness, Group Policy has access to resource detection and event notification capabilities in the operating system, such as recovery from hibernation or standby, establishment of VPN sessions, and moving in or out of a wireless network.

Network Location Awareness provides these benefits:

  • The workstation or server will experience more efficient startup times. Network Location Awareness provides an accurate indicator to Group Policy of when the network is ready. Group Policy will also be able to determine if the adapter is disabled or disconnected, enabling Group Policy to shorten its wait time for those scenarios in which the network will not be available.
  • The Group Policy client will apply policy settings whenever domain controller availability returns. Examples of connection events that trigger Group Policy processing include establishing VPN sessions, recovering from hibernation or standby, successfully exiting quarantine, and the docking of a laptop. This benefit can potentially increase the level of security on the workstation by more quickly applying Group Policy changes.
  • The Group Policy client will use Network Location Awareness for bandwidth determination and removing the reliance on the ICMP protocol (PING). This benefit allows organizations to secure their networks with firewalls, filter the ICMP protocol, and apply Group Policy.
  • New Group Policy settings provide administrators with more control over machine boot processing scenarios.

Using Network Location Awareness for Improved Policy Application and Processing

The following scenarios show how network location awareness can improve policy application and processing.

Connecting over Virtual Private Networks (VPN)

Network Location Awareness allows you to make changes to policy settings and ensure that they are applied efficiently to mobile users.

When mobile users connect to the corporate network, the Group Policy client will detect the availability of a domain controller. If the Group Policy refresh cycle has elapsed or the previous policy application has failed, Group Policy will initiate a background refresh over the VPN connection, updating both the machine and user policy. There is no need to reboot or log off before connecting to the corporate network over a VPN.

Ability to Process Group Policy Through a Firewall Filtering ICMP

Group Policy processes even if you have removed the ability for computers to respond to the ICMP protocol (PING). In the past, Group Policy settings would fail in this situation because slow link detection relied on ICMP. The Group Policy client in Windows Vista now utilizes Network Location Awareness to determine the network bandwidth and successfully continues to process Group Policy.