Planning for Network Access Protection
Applies To: System Center Configuration Manager 2007, System Center Configuration Manager 2007 R2, System Center Configuration Manager 2007 R3, System Center Configuration Manager 2007 SP1, System Center Configuration Manager 2007 SP2
The Configuration Manager 2007 Network Access Protection (NAP) feature requires careful planning before you implement it in a production environment. Click the associated link in the following section for guidance on how to plan a successful deployment of Network Access Protection in your enterprise. These topics cover both the Windows infrastructure and Configuration Manager.
In This Section
- Best Practices for Network Access Protection
- Provides best practice information about Network Access Protection in Configuration Manager.
- Determine Administrator Roles and Processes for Network Access Protection
- Provides guidance on the various roles involved with implementing Network Access Protection and how you can use role separation for software updates and Network Access Protection in Configuration Manager.
- Determine Your Policy Strategy for Network Access Protection
- Explains how Network Access Protection policies work on the Network Policy Server, so that you can plan a strategy that best meets your business requirements for enforcing compliance of software updates with Network Access Protection in Configuration Manager.
- Determine the Ports Required by Firewalls to Support Network Access Protection
- Identifies the traffic associated with Network Access Protection in Configuration Manager with the associated port number, so that you can configure intervening firewalls or network devices.
- Determine If You Should Install a System Health Validator Point for Network Access Protection
- Helps you decide whether you should install a System Health Validator in a Configuration Manager site.
- Decide Which Forest Will Publish Health State References for Network Access Protection
- Helps you decide which Active Directory forest will publish the health state references required by the System Health Validator point when your System Health Validator points are not in the same Active Directory forest as your site servers.
- Decide If You Need Additional Distribution Points for Network Access Protection Remediation
- Helps you decide whether you will need to configure additional distribution points as a result of implementing Network Access Protection.
- Determine Which Site Systems Are Boundary Servers for IPsec Network Access Protection
- Helps you identify which servers you need to configure as boundary servers if you are using IPsec as your Network Access Protection enforcement mechanism.
- Decide How To Create Configuration Manager NAP Policies for Network Access Protection
- Helps you decide which method you will use to create Configuration Manager NAP policies, for example, using the Network Access Protection node or the Software Updates node in the Configuration Manager console.
- Network Access Protection Planning Worksheets
- Provides a template planning worksheet of the information you need to gather and record prior to implementing Network Access Protection.
For additional information, see Configuration Manager 2007 Information and Support.
To contact the documentation team, email SMSdocs@microsoft.com.