Network Policy Server/Radius
NPS is the replacement for Internet Authentication Service (IAS), Microsoft??™s implementation
of RADIUS (Remote Authentication Dial-In User Service), so logically NPS
performs that role as well with Windows Server 2008. The difference is that NPS has
extended that role to act as a policy server for NAP components. Health policy checks
are defined in the NPS server, which also acts as the middleman for obtaining health
certificates and connections to 802.1x and VPN devices.
NAP Agent
The NAP agent is the client used to collect information from all SHAs and transmit that
information to the NAP Enforcement Clients (ECs).
System Health Agent
SHAs are the ultimate know-it-alls for how a component is evaluated in terms of health.
Windows Server 2008 and Windows Vista contain a few built-in system health agents
that allow it to evaluate information such as firewall and anti-virus status. A large number
of Microsoft partners are also working on developing and releasing their own system
health agents. You can add these components to your systems to provide a more indepth
health evaluation. For example, you might employ a third-party SHA for making
sure that specific applications are installed on the system to be considered healthy. These
agents then talk up to the NAP agent to consolidate and communicate this information
back to the NPS to obtain the required approvals to gain full access to your network.
Pages:
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305