Published by Lizbeth Quinn. Modified over 8 years ago.
1
TechNet goes virtual
©2009 Microsoft Corporation. All Rights Reserved.
NAP and NPS in Windows Server® 2008 R2 and Windows® 7
Jeff Alexander, IT Pro Evangelist, Microsoft Australia
http://blogs.technet.com/jeffa36
2
What Will We Cover?
Better Together
User Interface Improvements
DirectAccess and Terminal Services Gateway
Health Policies
3
Agenda
Reviewing Network Access Protection
Examining Deployment Improvements
Exploring Configuration and Management
Viewing Network Access Protection Integration Improvements
4
Today’s Network Challenges
Customers
Partners
Remote Employees
5
Business and Technical Benefits
Reduce the risk of network security threats
Safeguard sensitive data and intellectual property
Extend the value of existing investments
6
Network Access Protection
1. Client requests access to network and presents current health state
2. DHCP, VPN or Switch/Router relays health status to Microsoft Network Policy Server (RADIUS)
3. Network Policy Server (NPS) validates against IT-defined health policy
4. If not policy compliant, client is put in a restricted VLAN and given access to fix up resources to download patches, configurations, signatures (Repeat 1-4)
5. If policy compliant, client is granted full access to corporate network
Diagram labels: Windows Client; DHCP, VPN, Switch/Router; NPS; Policy Servers such as: Patch, AV; Remediation Servers (Example: Patch); Restricted Network; Corporate Network; Not policy compliant; Policy compliant
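The five-step flow on this slide, as a small added Python model. It is not code from the presentation or from Microsoft: the check names, the `Client` class and the function names are constructed for illustration, and remediation is simulated by setting each failed check to its required value.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed health policy; check names are illustrative, not real SHV settings.
HEALTH_POLICY = {"firewall_on": True, "antivirus_current": True, "patches_current": True}

@dataclass
class Client:
    name: str
    health: Optional[dict]          # None models a client that presents no health state
    log: list = field(default_factory=list)

def nps_validate(health, policy=HEALTH_POLICY):
    """Step 3: NPS compares the relayed health state with policy; returns failed checks."""
    if health is None:
        return sorted(policy)       # nothing presented, so every requirement is unmet
    return sorted(k for k, want in policy.items() if health.get(k) != want)

def remediate(client, failed):
    """Step 4: on the restricted network the client can only reach fix-up resources."""
    for check in failed:
        client.health[check] = HEALTH_POLICY[check]   # simulated patch/signature update

def request_access(client, max_rounds=3):
    """Steps 1-5: returns 'corporate' or 'restricted' and records each round in client.log."""
    for round_no in range(1, max_rounds + 1):
        failed = nps_validate(client.health)          # steps 1-3
        if not failed:
            client.log.append((round_no, "full access"))          # step 5
            return "corporate"
        client.log.append((round_no, "restricted", failed))       # step 4
        if client.health is None:
            break                   # assumed: no agent to remediate, stays restricted
        remediate(client, failed)   # then "Repeat 1-4"
    return "restricted"

if __name__ == "__main__":
    laptop = Client("laptop", {"firewall_on": True, "antivirus_current": False,
                               "patches_current": False})
    print(request_access(laptop), laptop.log)
    print(request_access(Client("kiosk", None)))
```

The model fails closed: a client that presents no health state is never placed on the corporate network.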
7
NAP Components
Diagram labels: Network Policy Server; Client; NAP Agent; Health Policy Updates; Health Statements; Network Access Requests; Health Requirement Servers; Remediation Servers; Health Result; Health Certificate; Health Registration Authority; SHA; SHV; QEC 1; QEC 2
8
Policy Pipeline for NAP
Pipeline stages: Machine Name Mapping; Machine Account Validation; Network Access Policy; Quarantine Evaluator; Post-Quarantine Evaluator
Attribute labels from the diagram, in the order they appear:
OUT: NT4-MachineName, QuarantineSession, QuarCorrelationID, Machine-Inventory, Not-Quarantine-Capable
IN: Windows-NT-MachineName
OUT: Windows-Machine-Groups
IN: QuarantineSession
OUT: Machine-Health-Results
IN: Windows-Machine-Groups, Machine-Health-Results, Not-Quarantine-Capable
OUT/IN: Quarantine-State, Quarantine-Grace-Time, Remediation-Servers, Quarantine-URL, AFW-Quarantine-Zone, AFW-Protection-Level
IN: MS-EAP-TLV, MS-Machine-Name
OUT: MS-EAP-TLV, Remediation-Servers, Quarantine-State, Quarantine-Grace-Time, AFW-Quarantine-Zone, AFW-Protection-Zone
9
Demonstration: Configuring PKI to Support NAP
Configure Certificate Templates
Configure PKI
Request SSL Certificate
10
Agenda
Reviewing Network Access Protection
Examining Deployment Improvements
Exploring Configuration and Management
Viewing Network Access Protection Integration Improvements
11
NPS Updates
NPS Templates
Network Policy Server Logging Improvements
UTF-8
12
IAS Migration
Windows Server 2008 R2 NPS can import configuration from Windows Server 2003 Internet Authentication Service (IAS)
– Available for Windows Server 2008 as a QFE
13
Agenda
Reviewing Network Access Protection
Examining Deployment Improvements
Exploring Configuration and Management
Viewing Network Access Protection Integration Improvements
14
Multiple SHV Policy
A single server can now enforce a number of different health policies using a single system health validator (SHV)
– Requires SHV updates for Windows Server 2008 R2
15
New NAP Client User Interface
Integration with Action Center
Tray Icon
Integration with Windows 7 Action Center
16
Off-network Health Assessment
Diagram labels: NPS; Corporate Resources; Policy Servers; HRA; Remediation Servers (e.g., Patch); Not policy compliant
17
Demonstration: Installing and Configuring Network Policy and Access Services
Install Network Policy and Access Services Role
Create Connection Request Policy
Configure the Windows SHVs
18
Agenda
Reviewing Network Access Protection
Examining Deployment Improvements
Exploring Configuration and Management
Viewing Network Access Protection Integration Improvements
19
Integration Improvements
Remote Desktop Gateway
DirectAccess
Microsoft® Forefront™ code name Stirling
20
DirectAccess Technical Details
Supports variety of remote network protocols
IPSec encryption and authentication. 2 Tunnels are established - DirectAccess Server acts as gateway
Direct connectivity to IPv6-based Intranet resources
Support IPv4 via 6to4 transition services or NAT-PT
Diagram labels: IPv6 Devices; IPv4 Devices; DirectAccess Server; Windows 7 Client; Native IPv6 with IPSec; IPv6 Transition Services; Internet; IT desktop management; AD Group Policy, NAP, software updates
21
Demonstration: Integrating NAP with DirectAccess
Configure DirectAccess IPsec Rules
Configure DirectAccess Client for NAP
Connect Windows 7 Client using DirectAccess
22
Session Summary
Better Together
User Interface Improvements
DirectAccess and Terminal Services Gateway
Health Policies
23
Where to Find More Information
Visit TechNet at technet.microsoft.com
Also check out TechNet Edge edge.technet.com
Or, just visit http://blogs.technet.com/jeffa36 for additional information on this session
24
Supporting Publications
For more titles, visit http://go.microsoft.com/?linkid=9662659
25
Microsoft TechNet Plus
TechNet Plus is an essential, premium, Web-enabled, and live support resource that provides IT professionals with fast and easy access to Microsoft experts, software, and technical information, enhancing IT productivity, control, and planning.
Evaluate and Learn
Evaluate full versions of all Microsoft commercial software for evaluation — without time limits; this includes all client, server, and Microsoft Office applications
Try out all the latest betas before public release
Keep your skills current with quarterly training resources, including select Microsoft E-Learning courses
Plan and Deploy
Use the TechNet Library to plan for deployment using the Knowledge Base, resource kits, and technical training
Use exclusive tools, like System Center Capacity Planner, to accurately plan for and deploy Exchange Server and System Center Operations Manager
Support and Maintain
Two complimentary Professional Support incidents for use around the clock (20-percent discount on additional incidents)
Access more than 100 managed newsgroups and get next business day response — guaranteed
Use the TechNet Library to maintain your IT environment with security updates, service packs, and utilities
Get all these resources and more with a TechNet Plus subscription. For more information visit: technet.microsoft.com/subscriptions.