Introduction to Network Access Protection

Network Access Protection (NAP) is a platform that provides policy enforcement components to help ensure that computers connecting to or communicating on a network meet administrator-defined requirements for system health. NAP is supported by Microsoft® Windows Server® 2008 (now in beta testing), Windows Vista™, and Windows® XP Service Pack 3 (which includes the NAP Client for Windows XP, now in beta testing).

Administrators can use a combination of policy validation and network access limitation components to control network access or communication. Administrators can also choose to limit the access of computers that do not meet requirements to a restricted network. The restricted network contains resources needed to update computers so that they meet the health requirements for unlimited network access and normal communication.

NAP includes an application programming interface (API) for developers and vendors to create complete solutions for health state validation, limitation of network access or communication, and ongoing health compliance. This paper describes the scenarios for NAP, the components of NAP, and how NAP works for the different enforcement methods included with Windows Server 2008, Windows Vista, and Windows XP Service Pack 3.