NAP and IPSEC RRS feed

  • Question

  • What does IPSEC have to do with NAP? Do i have to have an IPSEC policy in order to use NAP?


    Hope this makes some sense as im trying to understand both technologies.



    Friday, March 14, 2008 8:50 PM


  • Hi,


    NAP lets you restrict access if a computer doesn't meet requirements for health.

    IPsec is one method used to restrict access.


    There are several possible ways to restrict access to/from a computer. For example, you can change the computer's routing table, block IP traffic to/from the computer, place it on a different VLAN, etc. Keep in mind that these are not ways to *refuse* access, they are ways to *restrict* access.


    With IPsec, the method used is to block traffic to and from the computer. You do this by creating rules (policies). When a computer doesn't match NAP requirements, the "restrict access" policy takes effect.


    IPsec decides which computers should be restricted or not restricted based on which ones have a certificate. NAP provides a certificate to healthy computers, and removes it from unhealthy ones.


    I hope this helps,


    Saturday, March 15, 2008 6:10 AM