SlideShare une entreprise Scribd logo

Windows Server 2008 – Network Access Protection (NAP) Overview

Télécharger en tant que PPT, PDF
V
vncson

This document summarizes Network Access Protection (NAP) in Windows Server 2008. It discusses how NAP enhances security by authenticating, authorizing, and validating the health of systems connecting to the network. It provides an overview of the NAP architecture and how NAP works with DHCP, VPN/IPsec, and 802.1x to control network access based on system health policies. The document also demonstrates NAP configurations for DHCP and VPN/RRAS enforcement of health policies.

TechnologieÉconomie & finance
1  sur  21
Windows Server 2008 – Network Access Protection (NAP) Presented by Vu Nguyen Cao Son EPG Technical Specialist [email_address] www.CaoSonBlog.com
[object Object],[object Object],[object Object],[object Object],[object Object],Agenda
[object Object],[object Object],[object Object],[object Object],Why Security !!!??? – Wrong Way
[object Object],Why Security !!!??? – Right Way Risk-based model Defense in Depth Security Control with ISO 27001 Risk Level ROI
Risk-based Decision Making Business and IT Teams “ Best Control Solution” Information Security “ Prioritize Risks” Business Owners “ What’s Important” Assess Risks Define Security Requirements Determine Acceptable Risk Design & Build Security Solutions Operate & Support Security Solutions Measure Security Solutions
Demo ,[object Object],[object Object],[object Object],demonstration Defense in Depth with Microsoft Product
Network Access Protection Benefits ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Risk Level ROI Health and Policy Validation Defense at Multiple Layers Healthy Endpoints Connect Leverage Existing Investments
[object Object],[object Object],[object Object],[object Object],[object Object],Agenda
Network Access Protection Solution ,[object Object],[object Object],[object Object],[object Object],Polices, Procedures, and Awareness Data Application Host Internal Network Perimeter
NAP Architecture Overview Network Policy Server Quarantine Server (QS) Client Quarantine Agent (QA) Health policy Updates Health Statements Network Access Requests System Health Servers Remediation Servers Health Certificate Network Access Devices and Servers System Health Agent (SHA ) MS and 3rd Parties System Health Validator Enforcement Client (EC) (DHCP, IPSec, 802.1X, VPN)
How NAP Works Network Access Requests Corporate Network Restricted Network Windows Client Network Enforment Endpoint NPS Active Directory Health Statements QA SHA EC QS SHV Not Compliant Policy Compliant Remediation Servers
Why Microsoft NAP ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object],Agenda
NAP with DHCP Requesting access. Here’s my new health status. The client requests and receives updates I need to lease an IP address You are not within the Health Policy requirements Access granted. Here is your new IP address NPS Server Client DHCP Server VPN Server IEEE 802.1X Devices Remediation Servers
Demonstration Environment
Configuring NAP for DHCP demonstration
[object Object],[object Object],[object Object],[object Object],[object Object],Agenda
NAP with VPN and RRAS RADIUS Messages PEAP Messages NPS Server Client VPN Server Remediation Servers
IPsec-based Communication Secure network Boundary network Restricted network IPsec Authenticated Unauthenticated
Using NAP with 802.1x Device ,[object Object],[object Object],Network Policy Server Authentication Server 802.1x Access Points 802.1x Switch Wireless Clients Active Directory Health Requirement Server Certificate Authority (Optional)
Q&A and Thanks You www.CaoSonBlog.com

Recommandé

Network access protection ppt
Network access protection pptNetwork access protection ppt
Network access protection pptDasarathi Dash
 
Network Access Protection
Network Access ProtectionNetwork Access Protection
Network Access ProtectionZernike College
 
Requirements for an internet connectivity solution 1
Requirements for an internet connectivity solution 1Requirements for an internet connectivity solution 1
Requirements for an internet connectivity solution 1Dinesh Kumar
 
5 ways you can strengthen and secure your network infrastructure with Firewal...
5 ways you can strengthen and secure your network infrastructure with Firewal...5 ways you can strengthen and secure your network infrastructure with Firewal...
5 ways you can strengthen and secure your network infrastructure with Firewal...ManageEngine, Zoho Corporation
 
IT Solutions Provider in Kosovo uses Bandwidth monitoring, NetFlow Analyzer
IT Solutions Provider in Kosovo uses Bandwidth monitoring, NetFlow AnalyzerIT Solutions Provider in Kosovo uses Bandwidth monitoring, NetFlow Analyzer
IT Solutions Provider in Kosovo uses Bandwidth monitoring, NetFlow AnalyzerManageEngine, Zoho Corporation
 
Enterprise network management
Enterprise network managementEnterprise network management
Enterprise network managementManageEngine, Zoho Corporation
 
NuvoSys Solutions, LLC
NuvoSys Solutions, LLCNuvoSys Solutions, LLC
NuvoSys Solutions, LLCnygonz
 
5 reasons to use OpManager Plus
5 reasons to use OpManager Plus5 reasons to use OpManager Plus
5 reasons to use OpManager PlusManageEngine, Zoho Corporation
 

Recommandé

Network access protection ppt
Network access protection pptNetwork access protection ppt
Network access protection pptDasarathi Dash
 
Network Access Protection
Network Access ProtectionNetwork Access Protection
Network Access ProtectionZernike College
 
Requirements for an internet connectivity solution 1
Requirements for an internet connectivity solution 1Requirements for an internet connectivity solution 1
Requirements for an internet connectivity solution 1Dinesh Kumar
 
5 ways you can strengthen and secure your network infrastructure with Firewal...
5 ways you can strengthen and secure your network infrastructure with Firewal...5 ways you can strengthen and secure your network infrastructure with Firewal...
5 ways you can strengthen and secure your network infrastructure with Firewal...ManageEngine, Zoho Corporation
 
IT Solutions Provider in Kosovo uses Bandwidth monitoring, NetFlow Analyzer
IT Solutions Provider in Kosovo uses Bandwidth monitoring, NetFlow AnalyzerIT Solutions Provider in Kosovo uses Bandwidth monitoring, NetFlow Analyzer
IT Solutions Provider in Kosovo uses Bandwidth monitoring, NetFlow AnalyzerManageEngine, Zoho Corporation
 
Enterprise network management
Enterprise network managementEnterprise network management
Enterprise network managementManageEngine, Zoho Corporation
 
NuvoSys Solutions, LLC
NuvoSys Solutions, LLCNuvoSys Solutions, LLC
NuvoSys Solutions, LLCnygonz
 
5 reasons to use OpManager Plus
5 reasons to use OpManager Plus5 reasons to use OpManager Plus
5 reasons to use OpManager PlusManageEngine, Zoho Corporation
 
Webinar: SecurePlanHealth Updates
Webinar: SecurePlanHealth UpdatesWebinar: SecurePlanHealth Updates
Webinar: SecurePlanHealth UpdatesKnight Security Systems
 
Monitoring active-directory
Monitoring active-directoryMonitoring active-directory
Monitoring active-directoryPrince JabaKumar
 
Completing fedramp-security-authorization-process
Completing fedramp-security-authorization-processCompleting fedramp-security-authorization-process
Completing fedramp-security-authorization-processTuan Phan
 
Why Configuration Management Matters
Why Configuration Management MattersWhy Configuration Management Matters
Why Configuration Management MattersManageEngine, Zoho Corporation
 
Application-aware Network Performance Management with OpManager
Application-aware Network Performance Management with OpManagerApplication-aware Network Performance Management with OpManager
Application-aware Network Performance Management with OpManagerManageEngine, Zoho Corporation
 
5 Ways NCM Can Save You From A Disaster
5 Ways NCM Can Save You From A Disaster5 Ways NCM Can Save You From A Disaster
5 Ways NCM Can Save You From A DisasterManageEngine, Zoho Corporation
 
Network Configuration Management - Mumbai Seminar
Network Configuration Management - Mumbai SeminarNetwork Configuration Management - Mumbai Seminar
Network Configuration Management - Mumbai SeminarManageEngine, Zoho Corporation
 
5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring tool5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring toolManageEngine, Zoho Corporation
 
5 benefits of OpManager
5 benefits of OpManager5 benefits of OpManager
5 benefits of OpManagerManageEngine, Zoho Corporation
 
Free Netflow analyzer training - diagnosing_and_troubleshooting
Free Netflow analyzer training - diagnosing_and_troubleshootingFree Netflow analyzer training - diagnosing_and_troubleshooting
Free Netflow analyzer training - diagnosing_and_troubleshootingManageEngine, Zoho Corporation
 
Leading American Entertainment Company implements OpManager
Leading American Entertainment Company implements OpManagerLeading American Entertainment Company implements OpManager
Leading American Entertainment Company implements OpManagerManageEngine, Zoho Corporation
 
Why Use Wes Tech Solutions
Why Use Wes Tech SolutionsWhy Use Wes Tech Solutions
Why Use Wes Tech Solutionsdoughold
 
Why Use Westech Solutions
Why Use Westech SolutionsWhy Use Westech Solutions
Why Use Westech SolutionsJhugueno
 
6 reasons to switch to fluidic ui - Network Configuration Manager
6 reasons to switch to fluidic ui - Network Configuration Manager6 reasons to switch to fluidic ui - Network Configuration Manager
6 reasons to switch to fluidic ui - Network Configuration ManagerManageEngine, Zoho Corporation
 
New OpManager v12
New OpManager v12New OpManager v12
New OpManager v12Inuit AB
 
TrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security AuthorizationTrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security AuthorizationTuan Phan
 
Managed Desktop Services
Managed Desktop ServicesManaged Desktop Services
Managed Desktop ServicesGss America
 
Best Network Performance Monitoring Tool
Best Network Performance Monitoring ToolBest Network Performance Monitoring Tool
Best Network Performance Monitoring ToolJoe Shestak
 
Top 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solveTop 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solveManageEngine, Zoho Corporation
 
The 3 aspects of network performance management
The 3 aspects of network performance managementThe 3 aspects of network performance management
The 3 aspects of network performance managementManageEngine
 
Microsoft Windows 7 Enhanced Security And Control
Microsoft Windows 7 Enhanced Security And ControlMicrosoft Windows 7 Enhanced Security And Control
Microsoft Windows 7 Enhanced Security And ControlMicrosoft TechNet
 
Connect Remotely Using Windows® 7 Direct Access
Connect Remotely Using Windows® 7 Direct AccessConnect Remotely Using Windows® 7 Direct Access
Connect Remotely Using Windows® 7 Direct AccessMicrosoft TechNet
 

Contenu connexe

Tendances

Monitoring active-directory
Monitoring active-directoryMonitoring active-directory
Monitoring active-directoryPrince JabaKumar
 
Completing fedramp-security-authorization-process
Completing fedramp-security-authorization-processCompleting fedramp-security-authorization-process
Completing fedramp-security-authorization-processTuan Phan
 
Application-aware Network Performance Management with OpManager
Application-aware Network Performance Management with OpManagerApplication-aware Network Performance Management with OpManager
Application-aware Network Performance Management with OpManagerManageEngine, Zoho Corporation
 
Free Netflow analyzer training - diagnosing_and_troubleshooting
Free Netflow analyzer training - diagnosing_and_troubleshootingFree Netflow analyzer training - diagnosing_and_troubleshooting
Free Netflow analyzer training - diagnosing_and_troubleshootingManageEngine, Zoho Corporation
 
Leading American Entertainment Company implements OpManager
Leading American Entertainment Company implements OpManagerLeading American Entertainment Company implements OpManager
Leading American Entertainment Company implements OpManagerManageEngine, Zoho Corporation
 
Why Use Wes Tech Solutions
Why Use Wes Tech SolutionsWhy Use Wes Tech Solutions
Why Use Wes Tech Solutionsdoughold
 
Why Use Westech Solutions
Why Use Westech SolutionsWhy Use Westech Solutions
Why Use Westech SolutionsJhugueno
 
6 reasons to switch to fluidic ui - Network Configuration Manager
6 reasons to switch to fluidic ui - Network Configuration Manager6 reasons to switch to fluidic ui - Network Configuration Manager
6 reasons to switch to fluidic ui - Network Configuration ManagerManageEngine, Zoho Corporation
 
New OpManager v12
New OpManager v12New OpManager v12
New OpManager v12Inuit AB
 
TrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security AuthorizationTrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security AuthorizationTuan Phan
 
Managed Desktop Services
Managed Desktop ServicesManaged Desktop Services
Managed Desktop ServicesGss America
 
Best Network Performance Monitoring Tool
Best Network Performance Monitoring ToolBest Network Performance Monitoring Tool
Best Network Performance Monitoring ToolJoe Shestak
 
Top 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solveTop 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solveManageEngine, Zoho Corporation
 
The 3 aspects of network performance management
The 3 aspects of network performance managementThe 3 aspects of network performance management
The 3 aspects of network performance managementManageEngine
 

Tendances (20)

Webinar: SecurePlanHealth Updates
Webinar: SecurePlanHealth UpdatesWebinar: SecurePlanHealth Updates
Webinar: SecurePlanHealth Updates
 
Monitoring active-directory
Monitoring active-directoryMonitoring active-directory
Monitoring active-directory
 
Completing fedramp-security-authorization-process
Completing fedramp-security-authorization-processCompleting fedramp-security-authorization-process
Completing fedramp-security-authorization-process
 
Why Configuration Management Matters
Why Configuration Management MattersWhy Configuration Management Matters
Why Configuration Management Matters
 
Application-aware Network Performance Management with OpManager
Application-aware Network Performance Management with OpManagerApplication-aware Network Performance Management with OpManager
Application-aware Network Performance Management with OpManager
 
5 Ways NCM Can Save You From A Disaster
5 Ways NCM Can Save You From A Disaster5 Ways NCM Can Save You From A Disaster
5 Ways NCM Can Save You From A Disaster
 
Network Configuration Management - Mumbai Seminar
Network Configuration Management - Mumbai SeminarNetwork Configuration Management - Mumbai Seminar
Network Configuration Management - Mumbai Seminar
 
5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring tool5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring tool
 
5 benefits of OpManager
5 benefits of OpManager5 benefits of OpManager
5 benefits of OpManager
 
Free Netflow analyzer training - diagnosing_and_troubleshooting
Free Netflow analyzer training - diagnosing_and_troubleshootingFree Netflow analyzer training - diagnosing_and_troubleshooting
Free Netflow analyzer training - diagnosing_and_troubleshooting
 
Leading American Entertainment Company implements OpManager
Leading American Entertainment Company implements OpManagerLeading American Entertainment Company implements OpManager
Leading American Entertainment Company implements OpManager
 
Why Use Wes Tech Solutions
Why Use Wes Tech SolutionsWhy Use Wes Tech Solutions
Why Use Wes Tech Solutions
 
Why Use Westech Solutions
Why Use Westech SolutionsWhy Use Westech Solutions
Why Use Westech Solutions
 
6 reasons to switch to fluidic ui - Network Configuration Manager
6 reasons to switch to fluidic ui - Network Configuration Manager6 reasons to switch to fluidic ui - Network Configuration Manager
6 reasons to switch to fluidic ui - Network Configuration Manager
 
New OpManager v12
New OpManager v12New OpManager v12
New OpManager v12
 
TrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security AuthorizationTrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security Authorization
 
Managed Desktop Services
Managed Desktop ServicesManaged Desktop Services
Managed Desktop Services
 
Best Network Performance Monitoring Tool
Best Network Performance Monitoring ToolBest Network Performance Monitoring Tool
Best Network Performance Monitoring Tool
 
Top 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solveTop 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solve
 
The 3 aspects of network performance management
The 3 aspects of network performance managementThe 3 aspects of network performance management
The 3 aspects of network performance management
 

Similaire à Windows Server 2008 – Network Access Protection (NAP) Overview

Microsoft Windows 7 Enhanced Security And Control
Microsoft Windows 7 Enhanced Security And ControlMicrosoft Windows 7 Enhanced Security And Control
Microsoft Windows 7 Enhanced Security And ControlMicrosoft TechNet
 
Connect Remotely Using Windows® 7 Direct Access
Connect Remotely Using Windows® 7 Direct AccessConnect Remotely Using Windows® 7 Direct Access
Connect Remotely Using Windows® 7 Direct AccessMicrosoft TechNet
 
Q1 Southern California Session Slides
Q1 Southern California Session SlidesQ1 Southern California Session Slides
Q1 Southern California Session SlidesHarold Wong
 
2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Servicesssphelps
 
2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech ServicesSEdwardPhelps
 
2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Servicesssphelps
 
0505 Windows Server 2008 一日精華營 Part II
0505 Windows Server 2008 一日精華營 Part II0505 Windows Server 2008 一日精華營 Part II
0505 Windows Server 2008 一日精華營 Part IITimothy Chen
 
Windows 2008 R2 & Windows7
Windows 2008 R2 & Windows7Windows 2008 R2 & Windows7
Windows 2008 R2 & Windows7Gabe Akisanmi
 
IPv6-strategic-planning-framework
IPv6-strategic-planning-frameworkIPv6-strategic-planning-framework
IPv6-strategic-planning-frameworkTim Martin
 
ISS SA le presenta los escenarios para IdentityGuard de Entrust
ISS SA le presenta los escenarios para IdentityGuard de EntrustISS SA le presenta los escenarios para IdentityGuard de Entrust
ISS SA le presenta los escenarios para IdentityGuard de EntrustInformation Security Services SA
 
ISS SA le presenta los Escenarios para IdentityGuard de Entrust
ISS SA le presenta los Escenarios para IdentityGuard de EntrustISS SA le presenta los Escenarios para IdentityGuard de Entrust
ISS SA le presenta los Escenarios para IdentityGuard de EntrustInformation Security Services SA
 
PSI Corporate Profile
PSI Corporate ProfilePSI Corporate Profile
PSI Corporate Profilemike_vincent
 
PSI corporate profile
PSI corporate profilePSI corporate profile
PSI corporate profilesanirudha
 
Presentation Flow Part A – The Challenge
Presentation Flow Part A – The ChallengePresentation Flow Part A – The Challenge
Presentation Flow Part A – The Challengewebhostingguy
 
Presentation Flow Part A – The Challenge
Presentation Flow Part A – The ChallengePresentation Flow Part A – The Challenge
Presentation Flow Part A – The Challengewebhostingguy
 
Migrate and Manage Workloads with Apps Associates
Migrate and Manage Workloads with Apps AssociatesMigrate and Manage Workloads with Apps Associates
Migrate and Manage Workloads with Apps AssociatesAmazon Web Services
 
Radiss Managed Services
Radiss Managed ServicesRadiss Managed Services
Radiss Managed Serviceskesavars
 
W7 for IT Professionals
W7 for IT ProfessionalsW7 for IT Professionals
W7 for IT Professionalsguest632c73
 

Similaire à Windows Server 2008 – Network Access Protection (NAP) Overview (20)

Microsoft Windows 7 Enhanced Security And Control
Microsoft Windows 7 Enhanced Security And ControlMicrosoft Windows 7 Enhanced Security And Control
Microsoft Windows 7 Enhanced Security And Control
 
Connect Remotely Using Windows® 7 Direct Access
Connect Remotely Using Windows® 7 Direct AccessConnect Remotely Using Windows® 7 Direct Access
Connect Remotely Using Windows® 7 Direct Access
 
Q1 Southern California Session Slides
Q1 Southern California Session SlidesQ1 Southern California Session Slides
Q1 Southern California Session Slides
 
2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services
 
2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services
 
2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services
 
0505 Windows Server 2008 一日精華營 Part II
0505 Windows Server 2008 一日精華營 Part II0505 Windows Server 2008 一日精華營 Part II
0505 Windows Server 2008 一日精華營 Part II
 
Windows 2008 R2 & Windows7
Windows 2008 R2 & Windows7Windows 2008 R2 & Windows7
Windows 2008 R2 & Windows7
 
Cisco Managed Security
Cisco Managed SecurityCisco Managed Security
Cisco Managed Security
 
IPv6-strategic-planning-framework
IPv6-strategic-planning-frameworkIPv6-strategic-planning-framework
IPv6-strategic-planning-framework
 
Windows 7 by microsoft
Windows 7 by microsoft Windows 7 by microsoft
Windows 7 by microsoft
 
ISS SA le presenta los escenarios para IdentityGuard de Entrust
ISS SA le presenta los escenarios para IdentityGuard de EntrustISS SA le presenta los escenarios para IdentityGuard de Entrust
ISS SA le presenta los escenarios para IdentityGuard de Entrust
 
ISS SA le presenta los Escenarios para IdentityGuard de Entrust
ISS SA le presenta los Escenarios para IdentityGuard de EntrustISS SA le presenta los Escenarios para IdentityGuard de Entrust
ISS SA le presenta los Escenarios para IdentityGuard de Entrust
 
PSI Corporate Profile
PSI Corporate ProfilePSI Corporate Profile
PSI Corporate Profile
 
PSI corporate profile
PSI corporate profilePSI corporate profile
PSI corporate profile
 
Presentation Flow Part A – The Challenge
Presentation Flow Part A – The ChallengePresentation Flow Part A – The Challenge
Presentation Flow Part A – The Challenge
 
Presentation Flow Part A – The Challenge
Presentation Flow Part A – The ChallengePresentation Flow Part A – The Challenge
Presentation Flow Part A – The Challenge
 
Migrate and Manage Workloads with Apps Associates
Migrate and Manage Workloads with Apps AssociatesMigrate and Manage Workloads with Apps Associates
Migrate and Manage Workloads with Apps Associates
 
Radiss Managed Services
Radiss Managed ServicesRadiss Managed Services
Radiss Managed Services
 
W7 for IT Professionals
W7 for IT ProfessionalsW7 for IT Professionals
W7 for IT Professionals
 

Plus de vncson

Protecting exchange servers with dpm 2010 son vu
Protecting exchange servers with dpm 2010 son vuProtecting exchange servers with dpm 2010 son vu
Protecting exchange servers with dpm 2010 son vuvncson
 
Microsoft Private Cloud Computing
Microsoft Private Cloud ComputingMicrosoft Private Cloud Computing
Microsoft Private Cloud Computingvncson
 
Hyper V In Windows Server 2008 R2.Son Vu
Hyper V In Windows Server 2008 R2.Son VuHyper V In Windows Server 2008 R2.Son Vu
Hyper V In Windows Server 2008 R2.Son Vuvncson
 
Scvmm Technical Overview.Son Vu
Scvmm Technical Overview.Son VuScvmm Technical Overview.Son Vu
Scvmm Technical Overview.Son Vuvncson
 
Dpm4 Data Center
Dpm4 Data CenterDpm4 Data Center
Dpm4 Data Centervncson
 
Dpm Disaster Recovery Sonvu
Dpm Disaster Recovery SonvuDpm Disaster Recovery Sonvu
Dpm Disaster Recovery Sonvuvncson
 
Branch Office Solution Son Vu
Branch Office Solution Son VuBranch Office Solution Son Vu
Branch Office Solution Son Vuvncson
 
Dpm.2007.For.Sql Sonvu
Dpm.2007.For.Sql SonvuDpm.2007.For.Sql Sonvu
Dpm.2007.For.Sql Sonvuvncson
 
Data Protection Manager 2007 Technical Overview Son Vu
Data Protection Manager 2007 Technical Overview Son VuData Protection Manager 2007 Technical Overview Son Vu
Data Protection Manager 2007 Technical Overview Son Vuvncson
 
Data Center Optimization With Microsoft System Center Son Vu
Data Center Optimization With Microsoft System Center Son VuData Center Optimization With Microsoft System Center Son Vu
Data Center Optimization With Microsoft System Center Son Vuvncson
 
IO ROI Example
IO ROI ExampleIO ROI Example
IO ROI Examplevncson
 
Why Upgrade To Exchange 2007 Sp1 Son Vu
Why Upgrade To Exchange 2007 Sp1 Son VuWhy Upgrade To Exchange 2007 Sp1 Son Vu
Why Upgrade To Exchange 2007 Sp1 Son Vuvncson
 
Microsoft IO 101 Training
Microsoft IO 101 TrainingMicrosoft IO 101 Training
Microsoft IO 101 Trainingvncson
 
Exchange 2007 Overview Son Vu
Exchange 2007 Overview Son VuExchange 2007 Overview Son Vu
Exchange 2007 Overview Son Vuvncson
 
Microsoft.Virtualization.Technologies Son Vu
Microsoft.Virtualization.Technologies Son VuMicrosoft.Virtualization.Technologies Son Vu
Microsoft.Virtualization.Technologies Son Vuvncson
 
Microsoft Hyper V Server 2008
Microsoft Hyper V Server 2008Microsoft Hyper V Server 2008
Microsoft Hyper V Server 2008vncson
 

Plus de vncson (16)

Protecting exchange servers with dpm 2010 son vu
Protecting exchange servers with dpm 2010 son vuProtecting exchange servers with dpm 2010 son vu
Protecting exchange servers with dpm 2010 son vu
 
Microsoft Private Cloud Computing
Microsoft Private Cloud ComputingMicrosoft Private Cloud Computing
Microsoft Private Cloud Computing
 
Hyper V In Windows Server 2008 R2.Son Vu
Hyper V In Windows Server 2008 R2.Son VuHyper V In Windows Server 2008 R2.Son Vu
Hyper V In Windows Server 2008 R2.Son Vu
 
Scvmm Technical Overview.Son Vu
Scvmm Technical Overview.Son VuScvmm Technical Overview.Son Vu
Scvmm Technical Overview.Son Vu
 
Dpm4 Data Center
Dpm4 Data CenterDpm4 Data Center
Dpm4 Data Center
 
Dpm Disaster Recovery Sonvu
Dpm Disaster Recovery SonvuDpm Disaster Recovery Sonvu
Dpm Disaster Recovery Sonvu
 
Branch Office Solution Son Vu
Branch Office Solution Son VuBranch Office Solution Son Vu
Branch Office Solution Son Vu
 
Dpm.2007.For.Sql Sonvu
Dpm.2007.For.Sql SonvuDpm.2007.For.Sql Sonvu
Dpm.2007.For.Sql Sonvu
 
Data Protection Manager 2007 Technical Overview Son Vu
Data Protection Manager 2007 Technical Overview Son VuData Protection Manager 2007 Technical Overview Son Vu
Data Protection Manager 2007 Technical Overview Son Vu
 
Data Center Optimization With Microsoft System Center Son Vu
Data Center Optimization With Microsoft System Center Son VuData Center Optimization With Microsoft System Center Son Vu
Data Center Optimization With Microsoft System Center Son Vu
 
IO ROI Example
IO ROI ExampleIO ROI Example
IO ROI Example
 
Why Upgrade To Exchange 2007 Sp1 Son Vu
Why Upgrade To Exchange 2007 Sp1 Son VuWhy Upgrade To Exchange 2007 Sp1 Son Vu
Why Upgrade To Exchange 2007 Sp1 Son Vu
 
Microsoft IO 101 Training
Microsoft IO 101 TrainingMicrosoft IO 101 Training
Microsoft IO 101 Training
 
Exchange 2007 Overview Son Vu
Exchange 2007 Overview Son VuExchange 2007 Overview Son Vu
Exchange 2007 Overview Son Vu
 
Microsoft.Virtualization.Technologies Son Vu
Microsoft.Virtualization.Technologies Son VuMicrosoft.Virtualization.Technologies Son Vu
Microsoft.Virtualization.Technologies Son Vu
 
Microsoft Hyper V Server 2008
Microsoft Hyper V Server 2008Microsoft Hyper V Server 2008
Microsoft Hyper V Server 2008
 

Dernier

Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 

Dernier (20)

Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 

Windows Server 2008 – Network Access Protection (NAP) Overview

  • 1. Windows Server 2008 – Network Access Protection (NAP) Presented by Vu Nguyen Cao Son EPG Technical Specialist [email_address] www.CaoSonBlog.com
  • 2.
  • 3.
  • 4.
  • 5. Risk-based Decision Making Business and IT Teams “ Best Control Solution” Information Security “ Prioritize Risks” Business Owners “ What’s Important” Assess Risks Define Security Requirements Determine Acceptable Risk Design & Build Security Solutions Operate & Support Security Solutions Measure Security Solutions
  • 6.
  • 7.
  • 8.
  • 9.
  • 10. NAP Architecture Overview Network Policy Server Quarantine Server (QS) Client Quarantine Agent (QA) Health policy Updates Health Statements Network Access Requests System Health Servers Remediation Servers Health Certificate Network Access Devices and Servers System Health Agent (SHA ) MS and 3rd Parties System Health Validator Enforcement Client (EC) (DHCP, IPSec, 802.1X, VPN)
  • 11. How NAP Works Network Access Requests Corporate Network Restricted Network Windows Client Network Enforment Endpoint NPS Active Directory Health Statements QA SHA EC QS SHV Not Compliant Policy Compliant Remediation Servers
  • 12.
  • 13.
  • 14. NAP with DHCP Requesting access. Here’s my new health status. The client requests and receives updates I need to lease an IP address You are not within the Health Policy requirements Access granted. Here is your new IP address NPS Server Client DHCP Server VPN Server IEEE 802.1X Devices Remediation Servers
  • 16. Configuring NAP for DHCP demonstration
  • 17.
  • 18. NAP with VPN and RRAS RADIUS Messages PEAP Messages NPS Server Client VPN Server Remediation Servers
  • 19. IPsec-based Communication Secure network Boundary network Restricted network IPsec Authenticated Unauthenticated
  • 20.
  • 21. Q&A and Thanks You www.CaoSonBlog.com