I've noticed this Accelerator Solution on our ms.com/security site today. Interestingly I think that it was only last week that a customer suggested to me when we were discussing NAP that they thought Malware rather than worms were the current 'real' threat to a corporate network. Well, I plan to take a look at it in more detail and incorporate it into my demo kit but, it looks like the security team agree and have released this 'Accelerator' the help you defend yourself again ugly Malware attacks (I was reading about this particular nasty today - imagine this getting hold of a corporate network - Blackmail ransomware returns with 1024-bit encryption key!
Here's the bits you need:-
Windows ForeFront Integration Kit for Network Access Protection
Create a compliance health policy for your network and monitor network health in real time with the Forefront Integration Kit, which integrates Forefront Client Security and the new Network Access Protection feature in Windows Server 2008.
This Solution Accelerator is a collection of software components and guidance that you can use to configure a compliance health policy for computers that run Forefront Client Security. Network administrators can use this Accelerator to assess the health of these computers before they are granted network access. If a computer is not compliant with the health policy for Forefront Client Security, it can be isolated to a restricted network until it is properly remediated. These capabilities are enabled by the new NAP feature in Windows Server 2008. The Integration Kit download files include the following components: Forefront-NAP Integration Kit. This Winzip archive contains a custom Forefront Client Security SHA and SHV for NAP, along with deployment guidance.