Organizations can choose from several enforcement methods when deploying NAP. Each has its own strengths and drawbacks with regard to complexity, ease of deployment, and cost, as have been discussed in this guide. After selecting the best NAP enforcement technology and client compliance requirements, the planning process can continue.
If the organization’s analyses lead it to choose IPsec, refer to the following sources for additional planning and implementation guidance:
Chapter 16, "IPsec Enforcement," Windows Server 2008 Networking and Network Access Protection (NAP). Microsoft Press, 2008. This information is also available as part of the Windows Server 2008 Resource Kit. Microsoft Press, 2008.
"Internet Protocol Security Enforcement in the Network Access Protection Platform" at http://www.microsoft.com/technet/network/nap/napipsec.mspx.
"TechNet Virtual Lab: Network Access Protection with IPSec Enforcement" at http://go.microsoft.com/?linkid=7032267.
Step-by-Step Guide: Demonstrate NAP IPsec Enforcement in a Test Lab at http://go.microsoft.com/fwlink/?Linkid=85894.
If the organization’s analyses lead it to choose 802.1x, refer to the following sources for additional planning and implementation guidance:
Chapter 17, "802.1X Enforcement," in Windows Server 2008 Networking and Network Access Protection (NAP). Microsoft Press, 2008. This information is also available as part of the Windows Server 2008 Resource Kit. Microsoft Press, 2008.
Step-by-Step Guide: Demonstrate NAP 802.1X Enforcement in a Test Lab at http://go.microsoft.com/fwlink/?Linkid=86036.
If the organization’s analyses lead it to choose RRAS, refer to the following sources for additional planning and implementation guidance:
Chapter 18, "VPN Enforcement," in Windows Server 2008 Networking and Network Access Protection (NAP). Microsoft Press, 2008. This information is also available as part of the Windows Server 2008 Resource Kit. Microsoft Press, 2008.
Step-by-Step Guide: Demonstrate NAP VPN Enforcement in a Test Lab at http://go.microsoft.com/fwlink/?Linkid=85896.
If the organization’s analyses lead it to choose DHCP, refer to the following sources for additional planning and implementation guidance:
Chapter 19, "DHCP Enforcement," in Windows Server 2008 Networking and Network Access Protection (NAP). Microsoft Press, 2008. This information is also available as part of the Windows Server 2008 Resource Kit. Microsoft Press, 2008.
Step-by-Step Guide: Demonstrate NAP DHCP Enforcement in a Test Lab at http://go.microsoft.com/fwlink/?Linkid=85897.
Network Access Protection at http://microsoft.com/nap
Microsoft NAP team’s blog at http://blogs.technet.com/nap
TechNet NAP discussion forum at http://forums.technet.microsoft.com/en-US/winserverNAP/threads
"Introduction to Network Access Protection" at http://www.microsoft.com/technet/network/nap/napoverview.mspx
"Network Access Protection Platform Architecture" at http://www.microsoft.com/technet/network/nap/naparch.mspx
Chapter 14, "Network Access Protection Overview," Windows Server 2008 Networking and Network Access Protection (NAP). Microsoft Press, 2008; also available as part of the Windows Server 2008 Resource Kit. Microsoft Press, 2008.
Chapter 15, "Preparing for Network Access Protection," Windows Server 2008 Networking and Network Access Protection (NAP). Microsoft Press, 2008; also available as part of the Windows Server 2008 Resource Kit. Microsoft Press, 2008.
Chapter 5, "Firewall and Network Access Protection," Windows Server 2008 Security Resource Kit. Microsoft Press, 2008; also available as part of the Windows Server 2008 Resource Kit. Microsoft Press, 2008.
Please direct questions and comments about this guide to [email protected].