Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

Track Compliance with Security Policies

Updated: February 29, 2012

Applies To: Windows 7, Windows 8, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Vista

One of the greatest advantages of NAP is that it allows you to measure and track compliance with corporate security policies. Tracking something as simple as compliance with antivirus signature updates can provide valuable information that you can use to address potential vulnerabilities on your network. A well-designed NAP reporting structure is associated with benefits that include:

  • Creation of a dynamic network health profile

  • Early identification of potential threats

  • Validation of security methods

  • Prioritization of security and administrative efforts

  • Unified access and compliance reporting across different access mediums

  • Vertical reporting (monthly summary of status for management)

NAP reporting can be customized to meet the needs of your organization. The following are some examples of the types of NAP reports that can be created and the benefits they provide.

Description: This report will show the number of compliant and noncompliant clients for all enforcement methods on a monthly basis.

Benefit: Provides a summary of the overall health of your network for each month reported.

See the following figure for an example of a NAP client compliance report:

0befcace-ca76-4742-8c4b-40c2d848b1f6

Sample NAP client compliance report

Description: This report will show the number of noncompliant clients for each installed SHV on a monthly basis.

Benefit: Displays which SHVs are reporting the most and the least compliance on your network so that you can troubleshoot or adjust health policies.

See the following figure for an example of a NAP client non-compliance SHV report:

d3f6e75f-15af-4263-a40f-fae488880e72

Sample NAP client non-compliance SHV report

Description: This report will show the number of clients that were granted full access and restricted access for all enforcement methods on a monthly basis.

Benefit: Can be used to assess the effect of current health policies on access to each area of your network.

See the following figure for an example of a NAP client access report:

61a64603-98b7-465c-b3ce-0c94afa321f9

Sample NAP client access report

Description: This report will show the number of clients granted full access and restricted access over a specified time period.

Benefit: Displays trends in network access over time that can be used to determine the stability of network health.

See the following figure for an example of a NAP client access trends report:

e8b7d133-d4be-473e-ae68-4cbf06718ea3

Sample NAP compliance trends report

The following illustration shows an example of components used for this NAP deployment goal.

fb8b88a6-ad1b-48cd-bb88-c415bdb214e8

Example NAP reporting design

In this example, Microsoft® SQL Server™ Express is installed on the local computer. NPS logs are captured and then forwarded to a central server running SQL Server. For considerations to take into account when developing your NAP reporting infrastructure, see NAP Reporting.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.