NAP Enforcement Methods

Applies To: Windows Server 2008

NAP enforcement methods

Network Policy Server (NPS) enforces Network Access Protection (NAP) health policies for the following network technologies:

• Internet Protocol security (IPsec) policies for Windows Firewall on client computers. For NAP IPsec enforcement, the IPsec enforcement client must be installed on client computers. For more information, see NAP Enforcement for IPsec Communications.

• 802.1X port-based wired and wireless network access control. For more information, see NAP Enforcement for 802.1X.

• Dynamic Host Configuration Protocol (DHCP) Internet Protocol version 4 (IPv4) address lease and renewal. For more information, see NAP Enforcement for DHCP.

• Terminal Server Gateway (TS Gateway) connections with Terminal Services. For more information, see NAP Enforcement for Terminal Services Gateway.

• Virtual private networks (VPN) with Routing and Remote Access. For more information, see NAP Enforcement for VPN.

Using multiple enforcement methods

Each of these NAP enforcement methods has strengths and weaknesses. By combining enforcement methods, you can eliminate most of the weaknesses of your NAP deployment. Deploying multiple NAP enforcement methods, however, can make your NAP implementation more complex to manage.

See Also

Concepts

Network Access Protection in NPS
NAP Components
Windows Security Health Validator