2.5.3 Remediation

Remediation use case

Figure 17: Remediation use case

Context of Use: This use case is employed when the client is noncompliant with the network policy and it is directed by system health validators (SHV) on the NPS to remediate its' configuration.

Goal: To remediate the client based on the health evaluation response. The exact method of remediation depends on the specifics of the SHA/SHV. However, this document uses the WSHA/WSHV as described in [MS-WSH], as an example.


  • SHA

The SHA is the primary actor which triggers this use case. SHA is a component that maintains and reports one or multiple elements of system health. For example, there might be an SHA for anti-virus signatures and an SHA for operating system updates. An SHA can use a locally-installed system health component to assist in system health management functions in conjunction with a remediation server.

  • Remediation server

Noncompliant computers can access the Remediation servers on the restricted network to obtain the necessary updates, anti-virus signatures, and other software or configuration instructions necessary to become compliant.


  • Client computer

The Client computer is used to access and manipulate protected network resources. Client computers use the NAP protocols to communicate with the network to gain generic access to the network.


  • The NAP client components on the Client computer are deployed and configured correctly by the client administrator.

  • The Client computer is not healthy; it is noncompliant with the enterprise network policy.

Main Success Scenario

  1. Trigger: The SHA receives the failed health evaluation results.

  2. The SHA determines the steps required to remediate from the SoHR.

  3. The SHA performs remediation using the Remediation server.

Post-Condition: Remediation is attempted and the health state of the client is re-evaluated.

Extensions: None.