Microsoft made a big deal at Interop of its network access protection (NAP) software working with other vendor’s NAC gear.

The company had a beta version of its Longhorn server, now being called Windows Server 2008, operating with switches made by 10 different vendors. It also showed NAP interoperating with half a dozen other vendors’ NAC policy servers.

The demonstration with the switches showed off the capabilities of the NAP client working together with its NAP server, the Network Policy Server (NPS). If the machine trying to gain network access doesn’t have its Vista personal firewall turned on, the NPS will turn it on.

The end user doesn’t have to do anything to make that happen. Some other NAC setups that found a personal firewall turned off might require the user to turn the software back on manually.

Microsoft says other software vendors are working on policy modules that can run on Windows Server 2008 to increase how much data can be fed to the NPS to help it make decisions about whether to grant access.

For example, rather than just tell whether antivirus software is turned on and updated, it could also tell when the software actually ran a virus scan, and the last time it found a virus. A policy could then be written that says the device should be denied access if it hasn’t been scanned within a certain period.

The demos showed off some appealing features but the main drawback of NAP remains that it can’t be deployed yet because Windows Server 2008 isn’t available. It’s hard to tell whether showing off these features will build interest or frustration.

Tim Greene is senior editor at Network World.