Design a Server Placement Strategy

Applies To: Windows 7, Windows 8, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Vista

A NAP infrastructure includes components that authenticate client access requests and provide full or restricted access to clients based on their health. This is similar to the processes used on other networks, which also typically request and authenticate client credentials before granting access. Designing a server placement strategy for NAP can be relatively simple when you use the existing network as a template. For example, there are many advantages, namely security and reliability, to deploying a NAP health policy server on a domain controller. Likewise, you might decide to place NAP enforcement servers where you have provided other network access services, such as DNS or DHCP. The one thing that is unique about a NAP-enabled design is that it includes a limited access network for noncompliant NAP clients. The placement of remediation servers on this network depends greatly on the enforcement method that you use and on the type of access restrictions you will deploy. For more information, see the following sections of this guide:

• Planning the Placement of a NAP Health Policy Server

• Planning the Placement of a NAP Enforcement Server

• Planning the Placement of a NAP CA Server

• Planning the Placement of a NAP Remediation Server

• Planning the Placement of a NAP Health Requirement Server