What Does Microsoft Network Access Protection Mean?
Network Access Protection (NAP) is a Microsoft technology that enforces compliance with a system’s health requirements by ensuring that newly connected desktop or laptop computers do not contain or allow staging for a computer virus or Trojan. Before allowing a newly connected computer to access the network, software on both the client and server checks a newly connected computer’s operating system, Internet browsers, anti-virus programs, firewalls, security programs and components, and all other applications. Compliant client computers are given full access to the network, and network system administrators can configure the NAP so that noncompliant client machines have restricted access.
NAC was introduced with Microsoft Windows Server 2008.
Techopedia Explains Microsoft Network Access Protection
Microsoft Network Access Protection uses NAP enforcement points, computers or network devices that include:
- Virtual private network servers
- IEEE 802.1X-capable switches
- Network access control
- Dynamic Host Configuration Protocol servers
- Health registration authorities
However, these computers or network devices must be using Windows Server 2008, or the R2 version, which are capable of storing client computer health requirement policies and evaluating compliance using the Remote Authentication Dial-In User Service (RADIUS) protocol (to be replaced with Diameter, an improved but similar protocol) that provides centralized authentication, authorization and accounting management for client computers. If in noncompliance, the protocols will place the client computer on a restricted network. This is a subset of the Intranet (the corporate network), which contains resources to help correct the client computer. After remediation, the client computer may again be given a new evaluation.
