Checklist: Configuring Network Access Protection (NAP) with DirectAccess
Updated: May 20, 2010
Applies To: Windows Server 2008 R2
Important
This topic describes deployment of DirectAccess in Windows Server 2008 R2. For deployment of DirectAccess in Microsoft Forefront Unified Access Gateway (UAG), see the Forefront UAG DirectAccess Deployment Guide (https://go.microsoft.com/fwlink/?LinkId=179989).
This checklist includes cross-reference links to important concepts about deploying Network Access Protection (NAP) with DirectAccess. It also contains links to procedures and other checklists that will help you complete the tasks that are required to implement this design.
Note
Complete the tasks in this checklist in order. When a reference link takes you to a conceptual topic, a procedure, or to another checklist, return to this topic so that you can proceed with the remaining tasks in this checklist.
.gif)
Checklist: Configuring NAP with DirectAccess
| Task | Reference | |
|---|---|---|
.gif) |
Review important concepts for using NAP with DirectAccess. |
|
|
(Optional, but recommended) Demonstrate DirectAccess with NAP in a test lab. |
|
|
Deploy NAP with the Internet Protocol security (IPsec) enforcement method. |
|
|
As needed by your NAP design plan, install an IPsec enforcement exemption certificate on the DirectAccess server. |
|
|
As needed by your DirectAccess design plan, configure DirectAccess for the full intranet, selected server, or end-to-end access model. |
|
|
As needed by your design plan, modify the connection security rules for DirectAccess clients and servers. |
.gif)
.gif)