Windows' built-in security capabilities offer endpoint alternative to NAP/NACMicrosoft’s support of the IP Security (IPSec) standard was enhanced with the release of Windows Vista this year, and interest in the technology will likely grow with the introduction of Windows 2008. For smaller organizations, IPSec could prove to be a cheap alternative to other network access control (NAC) technologies, or a stepping stone to a full implementation of Microsoft's Network Access Protection (NAP) in large enterprises. Either way, it’s time for organizations to take a closer look at IPSec’s capabilities.
http://www.darkreading.com/document.asp?doc_id=141929
Urs
PingBack from http://geeklectures.info/2007/12/29/tech-insight-microsofts-ipsec-and-napnac/
Yes, NAP is interesting solution to ensure that all clients of the same network stick to the same security policy.
I had an excellent chance to discuss technical implementation of NAP with Cyril Voisin (Head of Microsoft Security Program in France). The only one thing which doubts me, is centralization approach – if anything goes wrong on policy server, no one in the network has the access to global network …