1X or VPN enforcement. Your
server team needs to make sure that correct infrastructure servers necessary to remediate
an unhealthy system are available and accessible in your border zone. Your desktop team
will need to verify that your desktops are running NAP-aware operating systems such as
Windows XP SP2 (with the appropriate updates) and Windows Vista. Finally, you'll need
to sit together as a group and determine exactly what criteria define a healthy system
along with what action to take if a host is found not to be compliant.
ARCHITECTURE
Now that you understand the various components and how they are interdependent,
let's explore the NAP architecture in its entirety. Because pictures can often do a better
job of demonstrating interactions and dependencies than words, we'll start off by taking
a look at how a NAP client interacts with the various NAP components in Figure 8-2.
As you can see in Figure 8-2, NAP clients that are both compliant and noncompliant
with your health policy must be able to communicate at least with the key infrastructure
servers in your boundary zone, including remediation servers if needed. The NPS that
holds all your health policies and is responsible for procuring health certificates or validating
statements of health records by NAP clients never interacts with the client directly.
Instead, it interacts with the various authentication mechanisms sitting in the boundary
zone.