Network Access Protection (NAP)

Latest news from the Network Access Protection (NAP) team at Microsoft.

XP NAP Rude Q and A

XP NAP Rude Q and A

  • Comments 4
  • Likes

Since I spend nearly 1/3 of my week answering (or ignoring :->) emails about the XP NAP Client, I thought it might be smart to give a very concise Q&A. Here goes:

 

Questions

Jeff’s (brilliant) Answers

How do I get a copy of the BETA?

While it is on MSConnect, it is easier just to email me to get a copy. I have US-English and Language Neutral versions from the April 2007 Beta release. Remember, this is a BETA and is not officially supported (i.e. no QFEs); see XP SP3 info below.

How will this actually release officially?

ONLY via Windows XP Service Pack 3.

When will XP SP3 RTM?

1H CY2008

Will you please ship it outside of SP3?

I am sorry, no.

Why won’t you ship it outside of SP3?

In brief, the risk and cost to Windows was too high. NAP on XP changes 19+ core OS files (e.g. RAS, Wireless, EAP, etc) and we wouldn’t get the same testing coverage outside of SP3. Also, OOB releases are notoriously expensive to sustain. The code base would have to be maintained, orthogonally to XP itself, for 10+ years (i.e. MSRC’s). Wow.

How does the XP client compare with Vista?

Read my cool blog post.

Is it true that you brought all the great Vista Wired 802.1x features to XP?

Very true. Many customers have wanted Group Policy configuration for Wired 802.1x on XP. NAP gave us the needed business justification to pull it off in XP SP3.

Will the NAP Client release for any other Microsoft O/S’s?

Not at this time. No support for Windows Bob, 3.x, 9x, ME, 2000 and/or 2003.

What about Linux, Mac, etc?

Oh yeah baby, we have Linux right now. Mac is nearly here. This is the dude making it all happen.

What administration tools are available in the XP Client?

Only the command-line (netsh.exe nap). The MMC was written in managed code and isn’t available on XP. Also, our assumption is that Group Policy / script is good enough for XP.

What Active Directory schema changes are required, if any?

NAP, in general, does NOT require any AD schema updates. NAP fits in well with existing Server 2000/2003 deployments and simply requires a minimum of ONE Server 2008 computer (NAP Server / NPS).

 

However, in order to manage Vista (and XP SP3) Wired 802.1x settings a schema update may be required. If you are using Server 2008 AD, it is included. Server 2003 AD requires an updated schema.

Will XP NAP honor my GP configuration settings just like Vista NAP (i.e. NAPAgent, QECs, etc)?

Yup!

 

 

Thanks for helping us NAP the WORLD!

 

 

Jeff Sigman
Senior Program Manager

Network Access Protection (NAP)

 

NAP Blog

NAP Forum

NAP Site

Comments
  • PingBack from http://linux.x7g.net/2007/11/08/xp-nap-rude-q-and-a/

  • I agree it was the best choice to have it with a SP then to release it off cycle.  Keep up the great work.  This has A LOT of good things that can be done.

  • Thanks much for the support Joe!

    Jeff

  • We are currently doing content on Network Access Protection at our live TechEvents across the country.

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment