NAP Enforcement Methods

Applies To: Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

Network Policy Server (NPS) enforces Network Access Protection (NAP) health policies for the following network technologies:

  • 802.1X port-based wired and wireless network access control. For more information, see NAP Enforcement for 802.1X.

  • Dynamic Host Configuration Protocol (DHCP) Internet Protocol version 4 (IPv4) address lease and renewal. For more information, see NAP Enforcement for DHCP.

  • Internet Protocol security (IPsec) policies for Windows Firewall on client computers. For NAP IPsec enforcement, the IPsec enforcement client must be installed on client computers. For more information, see NAP Enforcement for IPsec Communications.

  • Remote Desktop Gateway connections by using Remote Desktop Services, which in previous product versions was named Terminal Services. For more information, see NAP Enforcement for Remote Desktop Gateway.

  • Virtual private networks (VPN) with Routing and Remote Access. For more information, see NAP Enforcement for VPN.

Using multiple enforcement methods

Each of these NAP enforcement methods has strengths and weaknesses. By combining enforcement methods, you can eliminate most of the weaknesses of your NAP deployment. Deploying multiple NAP enforcement methods, however, can make your NAP implementation more complex to manage.