Announcement: New Knowledge Base

4 June 2020: We are pleased to announce the launch of a new Knowledge Base, Changelogs for Business Security Products, where you can find more details, such as bugfixes or new features, about the most recent releases of our business-related products.

Questions about MS-NAP integration

Dear members

 

We are looking into a deployment and how it could integrate with MS NAP. I'm no MS NAP expert so I would like to exploit your expirience on the field.

 

I understand that FSCS has NAP integration so it can report to MS-NAP it's health state. Based on the result the an 802.1 compliant switch can isolate / restrict the client.

 

But here are my questions:

1. Is it possible for NAP to isolate new and unprotected computers? E.g. detect that a computer does not have F-secure installed on it and thus 'command' it's isolation.

2. If Question 1 is yes, this can happen on workstations that are part of the domain or stand-alone workstations also?

3. Could MS NAP used to automatically deploy F-Secure software to the endpoint? Again feedback needed in case the endpoint is part of a windows domain, and in case it is a stand-alone (a visitor's laptop) host

 

Thank you

Costas

Answers

  • VadVad Posts: 1,047

    Hello Costas,

     

    > 1. Is it possible for NAP to isolate new and unprotected computers? E.g. detect that a computer does not have F-secure installed on it and thus 'command' it's isolation.

     

    No. NAP support module is installed in process of product installation.

     

    > 3. Could MS NAP used to automatically deploy F-Secure software to the endpoint?

     

    No. You can use Policy manager for that.

     

    Best regards,

    Vad.

    Inter_Eng
This discussion has been closed.