Network Access Protection (NAP)

Latest news from the Network Access Protection (NAP) team at Microsoft.

NAP and the Microsoft Assessment and Planning Toolkit 3.1

NAP and the Microsoft Assessment and Planning Toolkit 3.1

  • Comments 2
  • Likes

The latest version of the Microsoft Assessment and Planning Toolkit 3.1 (aka MAP) was released today from the Solution Accelerators team which contains a cool new feature that just might assist you in your NAP deployment planning.

If you’ve never heard of MAP, it is quite cool. I installed it and played around with it for the first time today. It was quite simple to use, once I overcame the installation pre-requisite hurdles (you need Word + Excel + two shared components of Office installed). Here is Baldwin Ng’s summary of what the tool is all about:

... in a nutshell, MAP is basically a network-wide agent-less tool that can help you quickly find out where your desktops and servers are and then it would auto-generate upgrade recommendations for multiple products and technologies including server, desktop and virtualization migration scenarios covering:

·         Windows Vista hardware and device compatibility assessment

·         Office 2007 hardware compatibility assessment

·         Windows Server 2008 hardware and device compatibility assessment

·         Microsoft Application Virtualization hardware compatibility assessment

·         SNMP inventory reporting

[... and new to version 3.1]

·         Hyper-V virtualization candidates assessment (+ improved virtual machines inventory)

·         SQL server discovery and assessment

·         64-bit installation support

·         Desktop Windows Security Center assessment

The last one in red is where NAP comes in. NAP out of the box in XP SP3, Vista and Server 2008 tracks compliance around the Windows Security Center. As you probably know, NAP can be extended by 3rd parties quite easily to extend the compliance checking, but the items in Security Center are a great place to start! MAP is able to inventory your entire network and actually give you a glimpse of you NAP “compliance” without having to deploy it first to find out! Pretty cool!

I ran a short wizard to tell MAP to enumerate all the computers in my AD and to scan them for “Vista compatibility”. It found my only domain-joined computer:

The cool thing about the results is that they are available right through Excel. It showed me that if I enabled NAP today, this machine would probably need some remediation! :->

I encourage you to play around with this awesome update to a very rich tool!

Main download page –or- directly from x86 / x64

 

Jeff

Comments
Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment