Network Access Protection (NAP) is one of the most desired and highly anticipated features of Windows Server 2008. NAP is a new platform and solution that controls access to network resources based on a client computer’s identity and compliance with corporate governance policy. NAP allows network administrators to define granular levels of network access based on who a client is, the groups to which the client belongs, and the degree to which that client is compliant with corporate governance policy. If a client is not compliant, NAP provides a mechanism to automatically bring the client back into compliance and then dynamically increase its level of network access.
NAP includes an application programming interface (API) for developers and vendors to create complete solutions for health state validation, limitation of network access or communication, and ongoing compliance. This paper describes the scenarios for NAP, the components of NAP, and how NAP works for the different enforcement methods included with Windows Server 2008, Windows Vista, and Windows XP Service Pack 3.
Note The NAP platform is not the same as Network Access Quarantine Control, which is a capability provided with Windows Server 2003 to provide additional protection for remote access (dial-up and virtual private network [VPN]) connections. For more information, see Network Access Quarantine Control in Windows Server 2003.
|Top of page|