How System Center will take a NAP

Microsoft's Jeff Wettlaufer, from the System Center Configuration Manager team, posted a primer on how System Center

Configuration Manager works with Network Access Protection. NAP is Microsoft's term for what the industry otherwise refers to as Network Access Control. Wettlaufer notes in his blog that NAP integrates with Microsoft products in the following ways:

System Center Configuration Manager 2007

Patch management and remediation

Forefront Client Services

Integrated AV product with it’s own SHA/SHV for NAP

SQL Server 2008

Centralized logging for NPS

Terminal Server 2008 Gateway

Integrated support for NAP policy creation and enforcement

Windows Vista

Improved IPsec and 802.1x features and management

But SCCM does more than simple patch management, he says:

"There are 2 types of configuration settings that NAP can look for. Out of the box NAP in Server 2008 can look for things like you see in your Control Panel - Security Center Applet - such as Firewall, Automatic Updates, Malware Protection and other security settings. These policy based settings are typically present in the form of Group Policy, or Anti Virus applications. Configuration Manager also uses a site role called a System Health Validator Point, as well as a Software Update Point, to work with Windows Server to scan for update compliance. Using the site role called System Health Validator, and the Software Update Management capability of Configuration Manager, NAP enforcement can be used to ensure updates are present on clients."

The post also offers the following demonstration of SCCM and NAP in action:


Want to learn more about all things System Center? Check out Microsoft management guru Kerrie Myler's blog . Kerrie Meyler's next book, System Center Operations Manager 2007 Unleashed will be published on 2/29/08 and is available for pre-order now. Microsoft Subnet will be giving away copies of Meyler's new book after it is released. Watch for details on the main Microsoft Subnet page.

Go to Microsoft Subnet for more news, blogs, opinion.

More Microsoft Subnet blog posts

Screenshots of Windows 7

What you can and cannot do in Server Core

Why you should upgrade to Windows Update Server (WSUS) 3.0

Microsoft vs. Novell over enterprise-class configuration tools

Desktop races towards virtualization

Win free Microsoft training from New Horizons

All Micronet blog posts

Sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert.)

Copyright © 2008 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022