With the release of Windows Server 2008 R2, Windows Network Access Protected Mode (NAP) has added new features. In this article, the author will give a brief introduction to the new features.
The Network Access Protection (NAP) feature provided in Windows Server 2008 has been updated to the R2 version. I have introduced a lot of Microsoft NAP functions in articles such as Windows functions, wireless network access protection, Windows clients using network access protection, and network access protection solutions for large enterprises. NAP included in the Windows Server 200 R2 release provides the following new features:
The System Security Verification Tool (SHV) has been updated with multi-configuration support, which we call multi-configuration SHV. This allows security policies to be controlled based on the connection status of the application. The most obvious example is that a system connected by a VPN can apply a separate policy and a system connected by a LAN can also apply the corresponding policy.
Windows 7 can support the network access protection configuration in both the newly released Windows Server 2008 R2 and Window 7.
Network Policy Server (NPS) provides multiple configuration templates. It can be imported and exported to other network policy servers.
The Remote User Dial-in Authentication System (RADIUS) logging function has also been improved. It can now record more log information including SQL Server and text records, and can achieve centralized logging.
It is important to point out here that some versions of Windows systems only support the network policy server function. The enterprise and data center versions support all functions of the network policy server. The standard version includes a limit of up to 50 remote user dial-up authentication system clients, while the network version does not support the network policy server.
Is the Microsoft Network Access Protection solution suitable for most network environments? For larger network environments, people prefer to choose network-based access protection solutions provided by Cisco and Juniper. However, Microsoft's network access protection solution includes all basic functions and provides a large number of policy settings, giving users a new choice. Is your network environment suitable for NAP? Is Microsoft an option? Please share your thoughts with everyone.