Information Technology Reference
In-Depth Information
Network Access Protection (NAP) works with NPS server to ensure that clients connecting to
the network meet specific health requirements. These requirements are validated by SHVs.
NPS health policies work with connection request policies and network polices to enforce
NAP health requirements and remediation. NAP is deprecated in Windows Server 2012 R2.
This means that NAP is still supported in Windows Server 2012 R2 and Windows 8.1, but will
not be supported in future versions of Windows.
This objective covers how to:
■
Configure system health validators (SHVs)
■
Configure health policies
■
Configure NAP enforcement using DHCP and VPN
■
Configure isolation and remediation of noncompliant computers using DHCP
and VPN
■
Configure NAP client settings
The only system health validator (SHV) that ships with Windows Server 2012 R2 is the
Windows Security Health Validator (WSHV). You can modify the Default Configuration (ID 0)
of the WSHV or you can create new configurations.
To create a new WSHV configuration, follow these steps:
1.
Open the Network Policy Server console and expand NPS (Local) in the console tree.
2.
In the Network Access Protection pane, expand System Health Validators and then
Windows Security Health Validator.
Right-click Settings and select New from the menu to open the Windows Security
Health Validator dialog box shown in Figure 4-39.
3.
