Network Access Protection

When we think about network layer security, we tend to limit ourselves to thinking about firewalls to protect us from the “outside” world. But what about your own employees bringing in “infected” laptops with all kinds of viruses/spyware/adware programs picked up in other locations. Mobile users are nowadays often over 30% of your users and they often cause the risk of a virus outbreak, patch incompliance. NAP has some built-in enforcement policies (IPsec, DHCP, wireless) but also offers extension for vendors to provide “health” checking of NAP clients for things like antivirus software for example. NAP looks promising when it comes to securing the internal network. It is now available in Vista and LH beta2 (available in MSDN/Technet subscriptions). NAP team is also building a MOM MP for MOM 2007 that will enable monitoring the NAP clients.

You can read more at:

https://www.microsoft.com/downloads/details.aspx?familyid=2f37651e-1749-45c3-996e-53de05d44ef7&displaylang=en – NAP architecture whitepaper

https://www.microsoft.com/technet/itsolutions/network/nap/napfaq.mspx - NAP FAQ

https://blogs.msdn.com/nap/ - NAP blog