locked
Unmanagable endpoint RRS feed

  • Question

  • Hi

    How would MS NAP look at guest endpoints?

    If a partner, kiosk, consultant with a client OS without the NAP client want to connect to the network, how would he be granted access without installing any software on their machines but still want to check if they have antivirus installed and running?

    Just a general question, when is the client scanned for the right virusdefinition file and patchlevel, before logon or after?

    I read that MS NAP can be based on DHCP server alone. What is the disadvanges with this solution?

    Best regards

    Henrik B. Hansen

    Monday, October 23, 2006 7:46 AM

Answers

All replies

  • For NAP to be fully functional, the health state of the client must be validated against NPS. Having said that, I would like to let you know there are companies developing NAP solution for those non NAP clients. For example Lockdownnetworks has an appliance based solution.

    Wrt your 2nd question, the target client's status is validaed at "connect time" and whenever the health state changes. In other words, it is not tied to the logon service.

    Thx.

     

    Calvin Choe

    NAP Ninja

    Microsoft

    Monday, October 23, 2006 4:32 PM
  • To handle your 3rd question, is NAP based solely DHCP, the answer is no. Check out this blog post on that very subject.

     

    Jeff Sigman [MSFT]
    NAP Release Manager
    Jeff.Sigman@online.microsoft.com *
    http://blogs.technet.com/nap
     
    * Remove the "online" to actually email me.
    ** This posting is provided "AS IS" with no warranties, and confers no rights.

    Monday, October 23, 2006 8:31 PM