Hi,
Thanks for posting in Q&A platform.
For 1st question, please kindly note that Network Access Protection (NAP) was deprecated in Windows Server 2012 R2 and it was not available in Windows Server 2016.
Here is a similar thread talking about the replacement of NAP in server 2016, you could refer to the method mentioned in this thread.
If you have a single Network Policy Server, you will experience some downtime as you will have to retire the old machine and setup a new one.
When deploying the destination server with the same host name and IP address, network access requests cannot be evaluated by NPS while the source server is offline and before the destination server brought online with the same name and IP address. During this time, client computers requesting access to the network cannot authenticate and are denied network access.
When deploying the destination server with a different host name and IP address, RADIUS client settings for all network access servers that are configured to use the source server must be updated.
For more detailed steps regarding of how to upgrade NPS server, please refer to the following article:
Upgrading Network Policy Server from Server 2008 R2 to Server 2012 R2
Moving NPS from Windows 2008 to Windows 2016
Please Note: Since the websites are not hosted by Microsoft, the links may change without notice. Microsoft does not guarantee the accuracy of this information.
For your 2nd question, you can configure load balancing for NPS server, for detailed steps, please refer to the following article:
NPS Proxy Server Load Balancing
Best Regards,
Sunny
----------
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.