Resources for using certificates with NPS and NAP


An interesting but also somewhat complicated element of deploying a network access method with or without a NAP health evaluation is the use of digital certificates. Digital certificates can be used to provide strong authentication for remote access VPN connections, IEEE 802.1X-authenticated wired and wireless connections, and IPsec-protected traffic.


Additionally, the following NAP enforcement methods use certificates:


·         IPsec enforcement uses health certificates


·         The 802.1X and VPN enforcement methods use the Protected Extensible Authentication Protocol (PEAP) method, which requires a computer certificate on the NPS server and a corresponding root certificate on the NAP client


Here are the key resources for learning about certificates and access methods with NPS:


·         Certificates and NPS


·         Certificate Requirements for PEAP and EAP


Additionally, here are two Foundation Network Companion Guides that describe certificate deployment for EAP and PEAP:


·         The “Foundation Network Companion Guide: Deploying Server Certificates” available in HTML and Word document format


·         The “Foundation Network Companion Guide: Deploying Computer and User Certificates” available in HTML and Word document format


Consume, assimilate, deploy, and enjoy!


 

Joe Davies

Comments (0)