Network Access Quarantine Control

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Network Access Quarantine Control, a new feature in the Windows Server 2003 family, delays normal remote access to a private network until the configuration of the remote access computer has been examined and validated by an administrator-provided script. Without Network Access Quarantine Control, only the credentials of the user are verified, and a user with the correct credentials can connect even if their configurations do not comply with corporate network policy. For example, a remote access user with valid credentials can connect to a network with a computer that does not have required antivirus software installed on it. Remote access client can use either a manually-configured connection or a Connection Manager profile. For more information about configuring Network Access Quarantine Control by using a Connection Manager profile, see "Incorporate Custom Actions" later in this chapter.

Important

• Network Access Quarantine Control allows an administrator to prevent computers with unsafe or undesirable configurations from connecting to a private network, not to protect a private network from malicious users who have obtained a valid set of credentials.

For more information about Network Access Quarantine Control, see "Deploying Dial-up and VPN Remote Access Servers" and "Deploying Internet Authentication Service (IAS)" in this book, and "IAS Network Access Quarantine Control" in Help and Support Center for Windows Server 2003.