This certainly helps reduce the threat significantly, but it isn??™t 100 percent
bulletproof.
NOTE When you enable NAP, you might be afraid that you??™re going to disconnect everyone from
the network because they don??™t all comply with the policy you defined. This is not the case. You, as
the administrator, have the ultimate say for how your NAP-enabled devices will act in the event that
one does not comply with your policies. For example, during initial roll-out, you may choose not to do
anything but simply log the fact that a machine is not compliant. This auditing feature is a good starting
point because it lets you see what could happen if your policy was in full effect and gives you time to
remediate your noncompliant systems. If you??™re careful, turning on NAP will be mostly transparent to
your users, just as you want it to be.
NAP implementation isn??™t going to happen overnight. Don??™t expect to buy lots of
hardware and have it up and running the next day (although I??™m sure many of you??”or
more likely, many of your upper managers??”might want just that). You need to bring to
the table all the key players and every group that manages your infrastructure including
network, server, and desktop resources. This is because the system cannot work unless
all pieces are implemented just right. Your network team needs to ensure that your network
infrastructure is up to par if you want to enable 802.
Pages:
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308