"Microsoft is winning the NAC war, expert says"
Taken from the article:
"...the key is that people seem to be willing to let Microsoft take a leading role in NAC (Network Access Control). So we really focused on that: what comes built-in with XP SP3 and Vista? And then how do you extend things if you don't like what's built-in? We definitely had other policy decision points besides MS NPS---Cisco, Avenda Systems, Juniper, and Radiator, plus FreeRADIUS sort-of. Even on the client side, there are interesting things. For example, you can add more system health agents/verifiers, or you can go for other supplicants, or you can do non-Windows or pre-XPSP3 operating systems, or you can worry about other devices, like cameras and VoIP phones and printers. What we ended up with was about a dozen demonstrations, all showing what you need for a complete NAC solution. And it really focused on "let's start with Microsoft and work out from there."
I'm really looking forward to more and more 3rd parties writing their own Security Health Agents and Security Health Validators to extend the default configuration and capability of NAP, especially with non-PCs, like Mobile devices, cameras and printers. I blogged about the Forefront team doing just that, in this video, where they have written a Forefront Security Health Validator for NAP, to extend the functionality to a more granular level.