NAP Administration Server
The NAP administration server is responsible for taking all the data from SHVs and then
determining whether to place a client into remediation or grant access to the protected
systems.
259 Chapter 8: Network Policy and Access Services
System Health Validator
SHVs are the server components that determine whether a client is healthy or not, based
on data submitted by the clients through SHAs. This response is then communicated
back to the client using a Statement of Health Response (SoHR). These validators sit
on the NPS server and compare incoming client requests against the policy set on the
server.
Health Policy
These individual policies define the requirements for getting access to the protected network.
A policy might ask whether the Windows Firewall is enabled and whether the
network has anti-virus software that is not only running but is running the latest virus
definitions. Multiple health policies can be defined on a system, one for each type of enforcement
client. For example, you can define separate criteria for 802.1X access versus
VPN access.
Accounts Database
This database is the central account authentication store. For all intents and purposes,
Active Directory fulfills this role for Windows Server 2008.
Health Registration Authority
The role of the HRA is to act as a broker between healthy computers and the CA to obtain
a health certificate to prove that the client has indeed passed all health checks.
Pages:
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306