Network Access Quarantine Control and NAP

Applies To: Windows Server 2008

Network Access Quarantine Control and NAP

Network Access Quarantine Control (NAQC) allows you to verify the configuration of client computers that are connecting to a server running Routing and Remote Access only at the moment when the access client is connecting to the network. The configuration of the client computer is verified by a script created by your organization administrator.

Network Access Protection (NAP) is a client health policy creation, enforcement, and remediation technology that is included in Windows Vista® and Windows Server® 2008. With NAP, you can establish health policies that define such things as software requirements, security update requirements, and required configuration settings for computers that connect to your network. The use of NAP rather than NAQC is recommended.

ImportantImportant
If you deploy both NAP and NAQC on your network, you must create separate network policies. If you configure one network policy with both NAP settings and NAQC attributes, such as a Quarantine IP Filter and a Quarantine Session Timer, NPS applies NAQC settings rather than NAP settings.

The following table lists the differences between NAP and NAQC.

 

Feature Available with NAP? Available with NAQC?

Can deploy with VPN (Routing and Remote Access)

Yes

Yes

Can deploy with Internet Protocol security (IPsec) and Health Registration Authority (HRA)

Yes

No

Can deploy with 802.1X wired and wireless

Yes

No

Can deploy with Terminal Services Gateway (TS Gateway)

Yes

No

Can deploy with DHCP

Yes

No

Provides ongoing monitoring of client computer

Yes

No; client configuration is checked once, when client attempts network access

Provides integrated automatic remediation of noncompliant computers

Yes

No

Requires administrator to write script to check client configuration

No

Yes

See Also

Community Additions

ADD
Show: