SlideShare une entreprise Scribd logo

MS NAP - Security Day

Télécharger en tant que PPT, PDF
V
vncson

This document summarizes Network Access Protection (NAP) in Windows Server 2008. It discusses how NAP enhances security by authenticating, authorizing, and validating the health of systems connecting to the network. It provides an overview of the NAP architecture and how NAP works with DHCP, VPN/IPsec, and 802.1x to control network access based on system health policies. The document also demonstrates NAP configurations for DHCP and VPN/RRAS enforcement of health policies.

TechnologieÉconomie & finance
1  sur  21
Windows Server 2008 – Network Access Protection (NAP) Presented by Vu Nguyen Cao Son EPG Technical Specialist [email_address] www.CaoSonBlog.com
[object Object],[object Object],[object Object],[object Object],[object Object],Agenda
[object Object],[object Object],[object Object],[object Object],Why Security !!!??? – Wrong Way
[object Object],Why Security !!!??? – Right Way Risk-based model Defense in Depth Security Control with ISO 27001 Risk Level ROI
Risk-based Decision Making Business and IT Teams “ Best Control Solution” Information Security “ Prioritize Risks” Business Owners “ What’s Important” Assess Risks Define Security Requirements Determine Acceptable Risk Design & Build Security Solutions Operate & Support Security Solutions Measure Security Solutions
Demo ,[object Object],[object Object],[object Object],demonstration Defense in Depth with Microsoft Product
Network Access Protection Benefits ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Risk Level ROI Health and Policy Validation Defense at Multiple Layers Healthy Endpoints Connect Leverage Existing Investments
[object Object],[object Object],[object Object],[object Object],[object Object],Agenda
Network Access Protection Solution ,[object Object],[object Object],[object Object],[object Object],Polices, Procedures, and Awareness Data Application Host Internal Network Perimeter
NAP Architecture Overview Network Policy Server Quarantine Server (QS) Client Quarantine Agent (QA) Health policy Updates Health Statements Network Access Requests System Health Servers Remediation Servers Health Certificate Network Access Devices and Servers System Health Agent (SHA ) MS and 3rd Parties System Health Validator Enforcement Client (EC) (DHCP, IPSec, 802.1X, VPN)
How NAP Works Network Access Requests Corporate Network Restricted Network Windows Client Network Enforment Endpoint NPS Active Directory Health Statements QA SHA EC QS SHV Not Compliant Policy Compliant Remediation Servers
Why Microsoft NAP ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object],Agenda
NAP with DHCP Requesting access. Here’s my new health status. The client requests and receives updates I need to lease an IP address You are not within the Health Policy requirements Access granted. Here is your new IP address NPS Server Client DHCP Server VPN Server IEEE 802.1X Devices Remediation Servers
Demonstration Environment
Configuring NAP for DHCP demonstration
[object Object],[object Object],[object Object],[object Object],[object Object],Agenda
NAP with VPN and RRAS RADIUS Messages PEAP Messages NPS Server Client VPN Server Remediation Servers
IPsec-based Communication Secure network Boundary network Restricted network IPsec Authenticated Unauthenticated
Using NAP with 802.1x Device ,[object Object],[object Object],Network Policy Server Authentication Server 802.1x Access Points 802.1x Switch Wireless Clients Active Directory Health Requirement Server Certificate Authority (Optional)
Q&A and Thanks You www.CaoSonBlog.com

Recommandé

Network access protection ppt
Network access protection pptNetwork access protection ppt
Network access protection pptDasarathi Dash
 
Network Access Protection
Network Access ProtectionNetwork Access Protection
Network Access ProtectionZernike College
 
Requirements for an internet connectivity solution 1
Requirements for an internet connectivity solution 1Requirements for an internet connectivity solution 1
Requirements for an internet connectivity solution 1Dinesh Kumar
 
5 ways you can strengthen and secure your network infrastructure with Firewal...
5 ways you can strengthen and secure your network infrastructure with Firewal...5 ways you can strengthen and secure your network infrastructure with Firewal...
5 ways you can strengthen and secure your network infrastructure with Firewal...ManageEngine, Zoho Corporation
 
IT Solutions Provider in Kosovo uses Bandwidth monitoring, NetFlow Analyzer
IT Solutions Provider in Kosovo uses Bandwidth monitoring, NetFlow AnalyzerIT Solutions Provider in Kosovo uses Bandwidth monitoring, NetFlow Analyzer
IT Solutions Provider in Kosovo uses Bandwidth monitoring, NetFlow AnalyzerManageEngine, Zoho Corporation
 
Enterprise network management
Enterprise network managementEnterprise network management
Enterprise network managementManageEngine, Zoho Corporation
 
NuvoSys Solutions, LLC
NuvoSys Solutions, LLCNuvoSys Solutions, LLC
NuvoSys Solutions, LLCnygonz
 
5 reasons to use OpManager Plus
5 reasons to use OpManager Plus5 reasons to use OpManager Plus
5 reasons to use OpManager PlusManageEngine, Zoho Corporation
 

Recommandé

Network access protection ppt
Network access protection pptNetwork access protection ppt
Network access protection pptDasarathi Dash
 
Network Access Protection
Network Access ProtectionNetwork Access Protection
Network Access ProtectionZernike College
 
Requirements for an internet connectivity solution 1
Requirements for an internet connectivity solution 1Requirements for an internet connectivity solution 1
Requirements for an internet connectivity solution 1Dinesh Kumar
 
5 ways you can strengthen and secure your network infrastructure with Firewal...
5 ways you can strengthen and secure your network infrastructure with Firewal...5 ways you can strengthen and secure your network infrastructure with Firewal...
5 ways you can strengthen and secure your network infrastructure with Firewal...ManageEngine, Zoho Corporation
 
IT Solutions Provider in Kosovo uses Bandwidth monitoring, NetFlow Analyzer
IT Solutions Provider in Kosovo uses Bandwidth monitoring, NetFlow AnalyzerIT Solutions Provider in Kosovo uses Bandwidth monitoring, NetFlow Analyzer
IT Solutions Provider in Kosovo uses Bandwidth monitoring, NetFlow AnalyzerManageEngine, Zoho Corporation
 
Enterprise network management
Enterprise network managementEnterprise network management
Enterprise network managementManageEngine, Zoho Corporation
 
NuvoSys Solutions, LLC
NuvoSys Solutions, LLCNuvoSys Solutions, LLC
NuvoSys Solutions, LLCnygonz
 
5 reasons to use OpManager Plus
5 reasons to use OpManager Plus5 reasons to use OpManager Plus
5 reasons to use OpManager PlusManageEngine, Zoho Corporation
 
Webinar: SecurePlanHealth Updates
Webinar: SecurePlanHealth UpdatesWebinar: SecurePlanHealth Updates
Webinar: SecurePlanHealth UpdatesKnight Security Systems
 
Monitoring active-directory
Monitoring active-directoryMonitoring active-directory
Monitoring active-directoryPrince JabaKumar
 
Completing fedramp-security-authorization-process
Completing fedramp-security-authorization-processCompleting fedramp-security-authorization-process
Completing fedramp-security-authorization-processTuan Phan
 
Why Configuration Management Matters
Why Configuration Management MattersWhy Configuration Management Matters
Why Configuration Management MattersManageEngine, Zoho Corporation
 
Application-aware Network Performance Management with OpManager
Application-aware Network Performance Management with OpManagerApplication-aware Network Performance Management with OpManager
Application-aware Network Performance Management with OpManagerManageEngine, Zoho Corporation
 
5 Ways NCM Can Save You From A Disaster
5 Ways NCM Can Save You From A Disaster5 Ways NCM Can Save You From A Disaster
5 Ways NCM Can Save You From A DisasterManageEngine, Zoho Corporation
 
Network Configuration Management - Mumbai Seminar
Network Configuration Management - Mumbai SeminarNetwork Configuration Management - Mumbai Seminar
Network Configuration Management - Mumbai SeminarManageEngine, Zoho Corporation
 
5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring tool5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring toolManageEngine, Zoho Corporation
 
5 benefits of OpManager
5 benefits of OpManager5 benefits of OpManager
5 benefits of OpManagerManageEngine, Zoho Corporation
 
Free Netflow analyzer training - diagnosing_and_troubleshooting
Free Netflow analyzer training - diagnosing_and_troubleshootingFree Netflow analyzer training - diagnosing_and_troubleshooting
Free Netflow analyzer training - diagnosing_and_troubleshootingManageEngine, Zoho Corporation
 
Leading American Entertainment Company implements OpManager
Leading American Entertainment Company implements OpManagerLeading American Entertainment Company implements OpManager
Leading American Entertainment Company implements OpManagerManageEngine, Zoho Corporation
 
Why Use Wes Tech Solutions
Why Use Wes Tech SolutionsWhy Use Wes Tech Solutions
Why Use Wes Tech Solutionsdoughold
 
Why Use Westech Solutions
Why Use Westech SolutionsWhy Use Westech Solutions
Why Use Westech SolutionsJhugueno
 
6 reasons to switch to fluidic ui - Network Configuration Manager
6 reasons to switch to fluidic ui - Network Configuration Manager6 reasons to switch to fluidic ui - Network Configuration Manager
6 reasons to switch to fluidic ui - Network Configuration ManagerManageEngine, Zoho Corporation
 
New OpManager v12
New OpManager v12New OpManager v12
New OpManager v12Inuit AB
 
TrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security AuthorizationTrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security AuthorizationTuan Phan
 
Managed Desktop Services
Managed Desktop ServicesManaged Desktop Services
Managed Desktop ServicesGss America
 
Best Network Performance Monitoring Tool
Best Network Performance Monitoring ToolBest Network Performance Monitoring Tool
Best Network Performance Monitoring ToolJoe Shestak
 
Top 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solveTop 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solveManageEngine, Zoho Corporation
 
The 3 aspects of network performance management
The 3 aspects of network performance managementThe 3 aspects of network performance management
The 3 aspects of network performance managementManageEngine
 
Microsoft Windows 7 Enhanced Security And Control
Microsoft Windows 7 Enhanced Security And ControlMicrosoft Windows 7 Enhanced Security And Control
Microsoft Windows 7 Enhanced Security And ControlMicrosoft TechNet
 
Connect Remotely Using Windows® 7 Direct Access
Connect Remotely Using Windows® 7 Direct AccessConnect Remotely Using Windows® 7 Direct Access
Connect Remotely Using Windows® 7 Direct AccessMicrosoft TechNet
 

Contenu connexe

Tendances

Monitoring active-directory
Monitoring active-directoryMonitoring active-directory
Monitoring active-directoryPrince JabaKumar
 
Completing fedramp-security-authorization-process
Completing fedramp-security-authorization-processCompleting fedramp-security-authorization-process
Completing fedramp-security-authorization-processTuan Phan
 
Application-aware Network Performance Management with OpManager
Application-aware Network Performance Management with OpManagerApplication-aware Network Performance Management with OpManager
Application-aware Network Performance Management with OpManagerManageEngine, Zoho Corporation
 
Free Netflow analyzer training - diagnosing_and_troubleshooting
Free Netflow analyzer training - diagnosing_and_troubleshootingFree Netflow analyzer training - diagnosing_and_troubleshooting
Free Netflow analyzer training - diagnosing_and_troubleshootingManageEngine, Zoho Corporation
 
Leading American Entertainment Company implements OpManager
Leading American Entertainment Company implements OpManagerLeading American Entertainment Company implements OpManager
Leading American Entertainment Company implements OpManagerManageEngine, Zoho Corporation
 
Why Use Wes Tech Solutions
Why Use Wes Tech SolutionsWhy Use Wes Tech Solutions
Why Use Wes Tech Solutionsdoughold
 
Why Use Westech Solutions
Why Use Westech SolutionsWhy Use Westech Solutions
Why Use Westech SolutionsJhugueno
 
6 reasons to switch to fluidic ui - Network Configuration Manager
6 reasons to switch to fluidic ui - Network Configuration Manager6 reasons to switch to fluidic ui - Network Configuration Manager
6 reasons to switch to fluidic ui - Network Configuration ManagerManageEngine, Zoho Corporation
 
New OpManager v12
New OpManager v12New OpManager v12
New OpManager v12Inuit AB
 
TrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security AuthorizationTrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security AuthorizationTuan Phan
 
Managed Desktop Services
Managed Desktop ServicesManaged Desktop Services
Managed Desktop ServicesGss America
 
Best Network Performance Monitoring Tool
Best Network Performance Monitoring ToolBest Network Performance Monitoring Tool
Best Network Performance Monitoring ToolJoe Shestak
 
Top 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solveTop 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solveManageEngine, Zoho Corporation
 
The 3 aspects of network performance management
The 3 aspects of network performance managementThe 3 aspects of network performance management
The 3 aspects of network performance managementManageEngine
 

Tendances (20)

Webinar: SecurePlanHealth Updates
Webinar: SecurePlanHealth UpdatesWebinar: SecurePlanHealth Updates
Webinar: SecurePlanHealth Updates
 
Monitoring active-directory
Monitoring active-directoryMonitoring active-directory
Monitoring active-directory
 
Completing fedramp-security-authorization-process
Completing fedramp-security-authorization-processCompleting fedramp-security-authorization-process
Completing fedramp-security-authorization-process
 
Why Configuration Management Matters
Why Configuration Management MattersWhy Configuration Management Matters
Why Configuration Management Matters
 
Application-aware Network Performance Management with OpManager
Application-aware Network Performance Management with OpManagerApplication-aware Network Performance Management with OpManager
Application-aware Network Performance Management with OpManager
 
5 Ways NCM Can Save You From A Disaster
5 Ways NCM Can Save You From A Disaster5 Ways NCM Can Save You From A Disaster
5 Ways NCM Can Save You From A Disaster
 
Network Configuration Management - Mumbai Seminar
Network Configuration Management - Mumbai SeminarNetwork Configuration Management - Mumbai Seminar
Network Configuration Management - Mumbai Seminar
 
5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring tool5 reasons why you need a network monitoring tool
5 reasons why you need a network monitoring tool
 
5 benefits of OpManager
5 benefits of OpManager5 benefits of OpManager
5 benefits of OpManager
 
Free Netflow analyzer training - diagnosing_and_troubleshooting
Free Netflow analyzer training - diagnosing_and_troubleshootingFree Netflow analyzer training - diagnosing_and_troubleshooting
Free Netflow analyzer training - diagnosing_and_troubleshooting
 
Leading American Entertainment Company implements OpManager
Leading American Entertainment Company implements OpManagerLeading American Entertainment Company implements OpManager
Leading American Entertainment Company implements OpManager
 
Why Use Wes Tech Solutions
Why Use Wes Tech SolutionsWhy Use Wes Tech Solutions
Why Use Wes Tech Solutions
 
Why Use Westech Solutions
Why Use Westech SolutionsWhy Use Westech Solutions
Why Use Westech Solutions
 
6 reasons to switch to fluidic ui - Network Configuration Manager
6 reasons to switch to fluidic ui - Network Configuration Manager6 reasons to switch to fluidic ui - Network Configuration Manager
6 reasons to switch to fluidic ui - Network Configuration Manager
 
New OpManager v12
New OpManager v12New OpManager v12
New OpManager v12
 
TrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security AuthorizationTrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security Authorization
 
Managed Desktop Services
Managed Desktop ServicesManaged Desktop Services
Managed Desktop Services
 
Best Network Performance Monitoring Tool
Best Network Performance Monitoring ToolBest Network Performance Monitoring Tool
Best Network Performance Monitoring Tool
 
Top 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solveTop 5 problems a NETWORK ANALYSIS TOOL will help you solve
Top 5 problems a NETWORK ANALYSIS TOOL will help you solve
 
The 3 aspects of network performance management
The 3 aspects of network performance managementThe 3 aspects of network performance management
The 3 aspects of network performance management
 

Similaire à MS NAP - Security Day

Microsoft Windows 7 Enhanced Security And Control
Microsoft Windows 7 Enhanced Security And ControlMicrosoft Windows 7 Enhanced Security And Control
Microsoft Windows 7 Enhanced Security And ControlMicrosoft TechNet
 
Connect Remotely Using Windows® 7 Direct Access
Connect Remotely Using Windows® 7 Direct AccessConnect Remotely Using Windows® 7 Direct Access
Connect Remotely Using Windows® 7 Direct AccessMicrosoft TechNet
 
Q1 Southern California Session Slides
Q1 Southern California Session SlidesQ1 Southern California Session Slides
Q1 Southern California Session SlidesHarold Wong
 
2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Servicesssphelps
 
2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Servicesssphelps
 
2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech ServicesSEdwardPhelps
 
0505 Windows Server 2008 一日精華營 Part II
0505 Windows Server 2008 一日精華營 Part II0505 Windows Server 2008 一日精華營 Part II
0505 Windows Server 2008 一日精華營 Part IITimothy Chen
 
Windows 2008 R2 & Windows7
Windows 2008 R2 & Windows7Windows 2008 R2 & Windows7
Windows 2008 R2 & Windows7Gabe Akisanmi
 
IPv6-strategic-planning-framework
IPv6-strategic-planning-frameworkIPv6-strategic-planning-framework
IPv6-strategic-planning-frameworkTim Martin
 
ISS SA le presenta los Escenarios para IdentityGuard de Entrust
ISS SA le presenta los Escenarios para IdentityGuard de EntrustISS SA le presenta los Escenarios para IdentityGuard de Entrust
ISS SA le presenta los Escenarios para IdentityGuard de EntrustInformation Security Services SA
 
ISS SA le presenta los escenarios para IdentityGuard de Entrust
ISS SA le presenta los escenarios para IdentityGuard de EntrustISS SA le presenta los escenarios para IdentityGuard de Entrust
ISS SA le presenta los escenarios para IdentityGuard de EntrustInformation Security Services SA
 
PSI Corporate Profile
PSI Corporate ProfilePSI Corporate Profile
PSI Corporate Profilemike_vincent
 
PSI corporate profile
PSI corporate profilePSI corporate profile
PSI corporate profilesanirudha
 
Presentation Flow Part A – The Challenge
Presentation Flow Part A – The ChallengePresentation Flow Part A – The Challenge
Presentation Flow Part A – The Challengewebhostingguy
 
Presentation Flow Part A – The Challenge
Presentation Flow Part A – The ChallengePresentation Flow Part A – The Challenge
Presentation Flow Part A – The Challengewebhostingguy
 
Migrate and Manage Workloads with Apps Associates
Migrate and Manage Workloads with Apps AssociatesMigrate and Manage Workloads with Apps Associates
Migrate and Manage Workloads with Apps AssociatesAmazon Web Services
 
Radiss Managed Services
Radiss Managed ServicesRadiss Managed Services
Radiss Managed Serviceskesavars
 
W7 Enterprise
W7 EnterpriseW7 Enterprise
W7 Enterprisearalves
 

Similaire à MS NAP - Security Day (20)

Microsoft Windows 7 Enhanced Security And Control
Microsoft Windows 7 Enhanced Security And ControlMicrosoft Windows 7 Enhanced Security And Control
Microsoft Windows 7 Enhanced Security And Control
 
Connect Remotely Using Windows® 7 Direct Access
Connect Remotely Using Windows® 7 Direct AccessConnect Remotely Using Windows® 7 Direct Access
Connect Remotely Using Windows® 7 Direct Access
 
Q1 Southern California Session Slides
Q1 Southern California Session SlidesQ1 Southern California Session Slides
Q1 Southern California Session Slides
 
2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services
 
2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services
 
2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services2011 09 19 Radiss Tech Services
2011 09 19 Radiss Tech Services
 
0505 Windows Server 2008 一日精華營 Part II
0505 Windows Server 2008 一日精華營 Part II0505 Windows Server 2008 一日精華營 Part II
0505 Windows Server 2008 一日精華營 Part II
 
Windows 2008 R2 & Windows7
Windows 2008 R2 & Windows7Windows 2008 R2 & Windows7
Windows 2008 R2 & Windows7
 
Cisco Managed Security
Cisco Managed SecurityCisco Managed Security
Cisco Managed Security
 
IPv6-strategic-planning-framework
IPv6-strategic-planning-frameworkIPv6-strategic-planning-framework
IPv6-strategic-planning-framework
 
Windows 7 by microsoft
Windows 7 by microsoft Windows 7 by microsoft
Windows 7 by microsoft
 
ISS SA le presenta los Escenarios para IdentityGuard de Entrust
ISS SA le presenta los Escenarios para IdentityGuard de EntrustISS SA le presenta los Escenarios para IdentityGuard de Entrust
ISS SA le presenta los Escenarios para IdentityGuard de Entrust
 
ISS SA le presenta los escenarios para IdentityGuard de Entrust
ISS SA le presenta los escenarios para IdentityGuard de EntrustISS SA le presenta los escenarios para IdentityGuard de Entrust
ISS SA le presenta los escenarios para IdentityGuard de Entrust
 
PSI Corporate Profile
PSI Corporate ProfilePSI Corporate Profile
PSI Corporate Profile
 
PSI corporate profile
PSI corporate profilePSI corporate profile
PSI corporate profile
 
Presentation Flow Part A – The Challenge
Presentation Flow Part A – The ChallengePresentation Flow Part A – The Challenge
Presentation Flow Part A – The Challenge
 
Presentation Flow Part A – The Challenge
Presentation Flow Part A – The ChallengePresentation Flow Part A – The Challenge
Presentation Flow Part A – The Challenge
 
Migrate and Manage Workloads with Apps Associates
Migrate and Manage Workloads with Apps AssociatesMigrate and Manage Workloads with Apps Associates
Migrate and Manage Workloads with Apps Associates
 
Radiss Managed Services
Radiss Managed ServicesRadiss Managed Services
Radiss Managed Services
 
W7 Enterprise
W7 EnterpriseW7 Enterprise
W7 Enterprise
 

Plus de vncson

Protecting exchange servers with dpm 2010 son vu
Protecting exchange servers with dpm 2010 son vuProtecting exchange servers with dpm 2010 son vu
Protecting exchange servers with dpm 2010 son vuvncson
 
Microsoft Private Cloud Computing
Microsoft Private Cloud ComputingMicrosoft Private Cloud Computing
Microsoft Private Cloud Computingvncson
 
Hyper V In Windows Server 2008 R2.Son Vu
Hyper V In Windows Server 2008 R2.Son VuHyper V In Windows Server 2008 R2.Son Vu
Hyper V In Windows Server 2008 R2.Son Vuvncson
 
Scvmm Technical Overview.Son Vu
Scvmm Technical Overview.Son VuScvmm Technical Overview.Son Vu
Scvmm Technical Overview.Son Vuvncson
 
Dpm4 Data Center
Dpm4 Data CenterDpm4 Data Center
Dpm4 Data Centervncson
 
Dpm Disaster Recovery Sonvu
Dpm Disaster Recovery SonvuDpm Disaster Recovery Sonvu
Dpm Disaster Recovery Sonvuvncson
 
Branch Office Solution Son Vu
Branch Office Solution Son VuBranch Office Solution Son Vu
Branch Office Solution Son Vuvncson
 
Dpm.2007.For.Sql Sonvu
Dpm.2007.For.Sql SonvuDpm.2007.For.Sql Sonvu
Dpm.2007.For.Sql Sonvuvncson
 
Data Protection Manager 2007 Technical Overview Son Vu
Data Protection Manager 2007 Technical Overview Son VuData Protection Manager 2007 Technical Overview Son Vu
Data Protection Manager 2007 Technical Overview Son Vuvncson
 
Data Center Optimization With Microsoft System Center Son Vu
Data Center Optimization With Microsoft System Center Son VuData Center Optimization With Microsoft System Center Son Vu
Data Center Optimization With Microsoft System Center Son Vuvncson
 
IO ROI Example
IO ROI ExampleIO ROI Example
IO ROI Examplevncson
 
Why Upgrade To Exchange 2007 Sp1 Son Vu
Why Upgrade To Exchange 2007 Sp1 Son VuWhy Upgrade To Exchange 2007 Sp1 Son Vu
Why Upgrade To Exchange 2007 Sp1 Son Vuvncson
 
Microsoft IO 101 Training
Microsoft IO 101 TrainingMicrosoft IO 101 Training
Microsoft IO 101 Trainingvncson
 
Exchange 2007 Overview Son Vu
Exchange 2007 Overview Son VuExchange 2007 Overview Son Vu
Exchange 2007 Overview Son Vuvncson
 
Microsoft.Virtualization.Technologies Son Vu
Microsoft.Virtualization.Technologies Son VuMicrosoft.Virtualization.Technologies Son Vu
Microsoft.Virtualization.Technologies Son Vuvncson
 
Microsoft Hyper V Server 2008
Microsoft Hyper V Server 2008Microsoft Hyper V Server 2008
Microsoft Hyper V Server 2008vncson
 

Plus de vncson (16)

Protecting exchange servers with dpm 2010 son vu
Protecting exchange servers with dpm 2010 son vuProtecting exchange servers with dpm 2010 son vu
Protecting exchange servers with dpm 2010 son vu
 
Microsoft Private Cloud Computing
Microsoft Private Cloud ComputingMicrosoft Private Cloud Computing
Microsoft Private Cloud Computing
 
Hyper V In Windows Server 2008 R2.Son Vu
Hyper V In Windows Server 2008 R2.Son VuHyper V In Windows Server 2008 R2.Son Vu
Hyper V In Windows Server 2008 R2.Son Vu
 
Scvmm Technical Overview.Son Vu
Scvmm Technical Overview.Son VuScvmm Technical Overview.Son Vu
Scvmm Technical Overview.Son Vu
 
Dpm4 Data Center
Dpm4 Data CenterDpm4 Data Center
Dpm4 Data Center
 
Dpm Disaster Recovery Sonvu
Dpm Disaster Recovery SonvuDpm Disaster Recovery Sonvu
Dpm Disaster Recovery Sonvu
 
Branch Office Solution Son Vu
Branch Office Solution Son VuBranch Office Solution Son Vu
Branch Office Solution Son Vu
 
Dpm.2007.For.Sql Sonvu
Dpm.2007.For.Sql SonvuDpm.2007.For.Sql Sonvu
Dpm.2007.For.Sql Sonvu
 
Data Protection Manager 2007 Technical Overview Son Vu
Data Protection Manager 2007 Technical Overview Son VuData Protection Manager 2007 Technical Overview Son Vu
Data Protection Manager 2007 Technical Overview Son Vu
 
Data Center Optimization With Microsoft System Center Son Vu
Data Center Optimization With Microsoft System Center Son VuData Center Optimization With Microsoft System Center Son Vu
Data Center Optimization With Microsoft System Center Son Vu
 
IO ROI Example
IO ROI ExampleIO ROI Example
IO ROI Example
 
Why Upgrade To Exchange 2007 Sp1 Son Vu
Why Upgrade To Exchange 2007 Sp1 Son VuWhy Upgrade To Exchange 2007 Sp1 Son Vu
Why Upgrade To Exchange 2007 Sp1 Son Vu
 
Microsoft IO 101 Training
Microsoft IO 101 TrainingMicrosoft IO 101 Training
Microsoft IO 101 Training
 
Exchange 2007 Overview Son Vu
Exchange 2007 Overview Son VuExchange 2007 Overview Son Vu
Exchange 2007 Overview Son Vu
 
Microsoft.Virtualization.Technologies Son Vu
Microsoft.Virtualization.Technologies Son VuMicrosoft.Virtualization.Technologies Son Vu
Microsoft.Virtualization.Technologies Son Vu
 
Microsoft Hyper V Server 2008
Microsoft Hyper V Server 2008Microsoft Hyper V Server 2008
Microsoft Hyper V Server 2008
 

Dernier

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbuapidays
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...apidays
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 

Dernier (20)

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 

MS NAP - Security Day

  • 1. Windows Server 2008 – Network Access Protection (NAP) Presented by Vu Nguyen Cao Son EPG Technical Specialist [email_address] www.CaoSonBlog.com
  • 2.
  • 3.
  • 4.
  • 5. Risk-based Decision Making Business and IT Teams “ Best Control Solution” Information Security “ Prioritize Risks” Business Owners “ What’s Important” Assess Risks Define Security Requirements Determine Acceptable Risk Design & Build Security Solutions Operate & Support Security Solutions Measure Security Solutions
  • 6.
  • 7.
  • 8.
  • 9.
  • 10. NAP Architecture Overview Network Policy Server Quarantine Server (QS) Client Quarantine Agent (QA) Health policy Updates Health Statements Network Access Requests System Health Servers Remediation Servers Health Certificate Network Access Devices and Servers System Health Agent (SHA ) MS and 3rd Parties System Health Validator Enforcement Client (EC) (DHCP, IPSec, 802.1X, VPN)
  • 11. How NAP Works Network Access Requests Corporate Network Restricted Network Windows Client Network Enforment Endpoint NPS Active Directory Health Statements QA SHA EC QS SHV Not Compliant Policy Compliant Remediation Servers
  • 12.
  • 13.
  • 14. NAP with DHCP Requesting access. Here’s my new health status. The client requests and receives updates I need to lease an IP address You are not within the Health Policy requirements Access granted. Here is your new IP address NPS Server Client DHCP Server VPN Server IEEE 802.1X Devices Remediation Servers
  • 16. Configuring NAP for DHCP demonstration
  • 17.
  • 18. NAP with VPN and RRAS RADIUS Messages PEAP Messages NPS Server Client VPN Server Remediation Servers
  • 19. IPsec-based Communication Secure network Boundary network Restricted network IPsec Authenticated Unauthenticated
  • 20.
  • 21. Q&A and Thanks You www.CaoSonBlog.com