Most networks have perimeter firewalls to help protect the internal network from worms, viruses, and other attackers However, attackers can penetrate your network through remote access connections (such as a VPN) or by infecting a mobile PC and then spreading to other internal computers after the mobile PC connects to your LAN.
Windows Vista and Windows 7, when connecting to a Windows Server 2008 infrastructure, support Network Access Protection (NAP) to reduce the risk of attackers entering through remote access and LAN connections using the built-in NAP client software of Windows Vista. If a Windows client computer lacks current security updates or antivirus signatures or otherwise fails to meet your requirements for a healthy computer, NAP can block the computer from reaching your internal network.
However, if a computer fails to meet the requirements to join your network, the user doesn't have to remain frustrated. Client computers can be directed to an isolated quarantine network to download the updates, antivirus signatures, or configuration settings required to comply with your health requirements policy. Within minutes, a potentially vulnerable computer can be protected and once again allowed to connect to your network.
NAP is an extensible platform that provides an infrastructure and an application programming interface (API) for health policy enforcement . Independent hardware and software vendors can plug their security solutions into NAP so that IT administrators can choose the security solutions that meet their unique needs. NAP helps to ensure that every machine on the network makes full use of those custom solutions.
Microsoft will also release NAP client support with Windows XP SP3 . For more information about NAP, see http://www.microsoft.com/nap/.
Was this article helpful?