HP gear supports and simplifies Microsoft NAP

HP gear supports Microsoft NAP and simplifies NAP configuration

Cloud Security Alert By Tim Greene, Network World
April 22, 2008 12:07 AM ET

Clarifying issues surrounding this emerging security architecture

HP is announcing that its gear supports Microsoft NAP and claiming that it also makes NAP simpler to configure.

In an HP/Microsoft deployment, Microsoft’s NAP client reports health of endpoints to the Microsoft health verifier, and the results of that assessment are passed on to HP’s ProCurve Identity Driven Manager (IDM).

ProCurve IDM, which has been around for three years, can create sets of access attributes for different classes of users and trigger ProCurve switches to enforce those attributes. So IDM could assign access control lists, rate limits and QoS attributes to a user and trigger enforcement of those attributes at the switch port the user’s device is plugged into.

This is classic NAC. Scan the endpoint, assess it, assign access rights based on that assessment and enforce those rights.

Related Content

It is possible to do this using all-Microsoft products, namely its NAP client and Windows Server 2008, but according to ProCurve, it’s a lot of heavy lifting to learn how. ProCurve says its GUI makes it a lot simpler.

Lots of vendors are coming out in support of NAP and proposing hybrid configurations involving their equipment and Microsoft’s and this is another one to explore. Naturally ProCurve customers would be the most interested. (Compare NAC products)

Read more about security in Network World's Security section.

Tim Greene is senior editor at Network World.