Questions about MS-NAP integration

Scholar

Questions about MS-NAP integration

Dear members

 

We are looking into a deployment and how it could integrate with MS NAP. I'm no MS NAP expert so I would like to exploit your expirience on the field.

 

I understand that FSCS has NAP integration so it can report to MS-NAP it's health state. Based on the result the an 802.1 compliant switch can isolate / restrict the client.

 

But here are my questions:

1. Is it possible for NAP to isolate new and unprotected computers? E.g. detect that a computer does not have F-secure installed on it and thus 'command' it's isolation.

2. If Question 1 is yes, this can happen on workstations that are part of the domain or stand-alone workstations also?

3. Could MS NAP used to automatically deploy F-Secure software to the endpoint? Again feedback needed in case the endpoint is part of a windows domain, and in case it is a stand-alone (a visitor's laptop) host

 

Thank you

Costas

1 REPLY 1
F-Secure
F-Secure

Re: Questions about MS-NAP integration

Hello Costas,

 

> 1. Is it possible for NAP to isolate new and unprotected computers? E.g. detect that a computer does not have F-secure installed on it and thus 'command' it's isolation.

 

No. NAP support module is installed in process of product installation.

 

> 3. Could MS NAP used to automatically deploy F-Secure software to the endpoint?

 

No. You can use Policy manager for that.

 

Best regards,

Vad.