ProCurve gear compatible with Microsoft NAP

Identity Driven Manager simplifies access-control deployments

HP ProCurve Monday announced that its gear supports Microsoft Network Access Protection and also makes NAP simpler to configure.

In a ProCurve/Microsoft deployment, Microsoft's NAP client reports health of endpoints to the Microsoft health verifier, and the results of that assessment are passed on to HP's ProCurve Identity Driven Manager (IDM). (Compare NAC products.)

ProCurve IDM, which has been around for three years, can create sets of access attributes for different classes of users and trigger ProCurve switches to enforce those attributes. So IDM could assign access control lists, rate limits and quality of service attributes to a user and trigger enforcement of those attributes at the switch port the user's device is plugged into.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

HP ProCurve Monday announced that its gear supports Microsoft Network Access Protection and also makes NAP simpler to configure.

In a ProCurve/Microsoft deployment, Microsoft's NAP client reports health of endpoints to the Microsoft health verifier, and the results of that assessment are passed on to HP's ProCurve Identity Driven Manager (IDM). (Compare NAC products.)

ProCurve IDM, which has been around for three years, can create sets of access attributes for different classes of users and trigger ProCurve switches to enforce those attributes. So IDM could assign access control lists, rate limits and quality of service attributes to a user and trigger enforcement of those attributes at the switch port the user's device is plugged into.

This is classic network access control: Scan the endpoint, assess it, assign access rights based on that assessment and enforce those rights.

It is possible to do the same thing using all-Microsoft products, namely its NAP client and Windows Server 2008, but according to ProCurve, it requires intimate knowledge of Server 2008. ProCurve says its GUI makes setting up policies simpler for the user.

It is also possible to deploy NAC using all ProCurve gear.

The combined ProCurve-Microsoft access-control package can be deployed to protect both wired and wireless networks. ProCurve switches and access points can act as enforcement points for NAP.

Read more about security in Network World's Security section.