Network Access Protection (NAP)

Latest news from the Network Access Protection (NAP) team at Microsoft.

What OS’es should NAP support?

What OS’es should NAP support?

  • Comments 36
  • Likes

We visit many customers and partners around the world. One thing we hear consistently is “NAP client enforcement MUST BE SUPPORTED on XP”.

Which OS’es would block / hinder your NAP deployments if they weren’t supported? Any nice-to-have’s (non-blocking)? Raw numbers and/or supporting facts about your deployments, to justify the need, would really help us judge how big the problem really is.

Do you need support for:

1.)  Windows 2000

2.)  Windows Server 2003

3.)  Mac

4.)  Linux

5.)  Other

Please post your comments through the blog.


Jeff Sigman [MSFT]
NAP Release Manager *

* Remove the "online" to actually email me.
** This posting is provided "AS IS" with no warranties, and confers no rights.

  • Windows Server 2003 and Windows XP would be deal-breakers, particularly the latter.

    Mac & Linux I'd file in the "would be nice" column.

  • I've heard the "we need Win2K" request from customers, but I simply don't buy it.  Historically, we have invested in the Current -2 platforms and have really not gained much from it.  When Vista ships, Win2K will be 6-7 years old so we need to draw the line somewhere and focus on nailing all NAP scenarios on XP.

    I would also argue that Linux and Mac are required even more so than Server 2003 given how customer manage their servers (who's going to quarantine a server???)  What would be nice for Server 2003 is a patch SHA.

  • We have quite a few Mac OS X seats, and whereas it won't prevent us from doing our work, it probably will hinder us. A lot depends on what the Security folks have in store for us in terms of domain policies.

  • I think the order of importance is based on desktop not server:
    1. Mac
    2. Linux
    3. Win2003
    4. Win2000

    I agree with Pat, I do not think we will be quarantining servers. We will just issue health certs to them and patch/maintain them separately.

    Having none of these clients supported will NOT block deployment.

  • XP Would be nice until everyone gets up to vista speed

  • Linux and XP

  • Windows 2000 and Windows XP would be a requirement before we could implement this technology.

  • Linux, MAC and XP as well as Vista would be great. I have some customers who would need this in order to deploy this solution.

  • Windows 2000, XP, and Server 2003.

  • Thanks for all the comments folks. Does anyone have hard data like this:

    - We have 4 million Windows 2000 Pro machines deployed that won't see Vista for 3+ years. We won't be able to deploy NAP for 3 years if you don't solve Windows 2000.

    Keep the feedback coming-in, but I would love to see this kind of high-level supporting data.

    - Jeff Sigman

  • XP, Linux, MAC, Win2003. In that order.

  • We have almost 200 Win 2000 SP4 stations that will not be completely migrated until 2007.  Depending on the Vista release date, many of those will be on Win XP and would not be upgraded from XP to Vista until 2010 or later.

    I can find no business case for upgrading from XP to Vista or getting SA on the new desktops.  Right now, Vista seems to be new wizards and new GUI.

  • Windows XP followed by Windows 2000 support would be critical to us. We have about 400 deployed systems with only a handfull of Windows 2000 installs.

  • Almost 10,000 seats of XP that would need to be protected with NAP.  No rollout plans for Vista for the forseeable future.  (It would be completely reasonable to NOT support 2000 and earlier OS's). Server 2003 support would be nice as well.

  • 2003 and XP

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment