What client health checks should we add to NAP?

In the Vista / Longhorn Server timeframe, the included Windows System Health Agent will have the ability to restrict client network access based on the following Windows Security Center features:

  1. Firewall is enabled for all interfaces

  2. Antivirus is enabled / up-to-date signatures

  3. Antispyware is enabled / up-to-date signatures

  4. Automatic Update is enabled / up-to-date patches

We have had a lot of feedback from early NAP adopters that they would like to see future support for:

  1. Registry value checks
  2. WMI value checks
  3. File version/date/location checks

NAP was designed as an extensible platform, with a public API published on MSDN. We are working with many 3rd party companies who are going to provide value-added features on top of NAP.

We would love to hear from you about what client health checks should be added in the future, whether by Microsoft or a 3rd party extending NAP.

Jeff Sigman [MSFT]
NAP Release Manager
Jeff.Sigman@online.microsoft.com *
https://blogs.technet.com/nap

* Remove the "online" to actually email me.
** This posting is provided "AS IS" with no warranties, and confers no rights.