locked
NAP and IPSEC RRS feed

  • Question

  • What does IPSEC have to do with NAP? Do i have to have an IPSEC policy in order to use NAP?

     

    Hope this makes some sense as im trying to understand both technologies.

     

    Thanks

    Friday, March 14, 2008 8:50 PM

Answers

  • Hi,

     

    NAP lets you restrict access if a computer doesn't meet requirements for health.

    IPsec is one method used to restrict access.

     

    There are several possible ways to restrict access to/from a computer. For example, you can change the computer's routing table, block IP traffic to/from the computer, place it on a different VLAN, etc. Keep in mind that these are not ways to *refuse* access, they are ways to *restrict* access.

     

    With IPsec, the method used is to block traffic to and from the computer. You do this by creating rules (policies). When a computer doesn't match NAP requirements, the "restrict access" policy takes effect.

     

    IPsec decides which computers should be restricted or not restricted based on which ones have a certificate. NAP provides a certificate to healthy computers, and removes it from unhealthy ones.

     

    I hope this helps,

    -Greg

    Saturday, March 15, 2008 6:10 AM