Checklist: Implementing a No Enforcement Design

Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

This parent checklist includes cross-reference links to important concepts about the Network Access Protection (NAP) with no enforcement design. It also contains links to subordinate checklists that will help you complete the tasks that are required to implement this design.

Note

Complete the tasks in this checklist in order. When a reference link takes you to a conceptual topic or to a subordinate checklist, return to this topic after you review the conceptual topic or you complete the tasks in the subordinate checklist so that you can proceed with the remaining tasks in this checklist.

Checklist: Implementing a no enforcement design

Task Reference

Review important concepts and examples for the NAP with no enforcement design.

No Enforcement Design

No Enforcement Example

Review the hardware, software, network, and client requirements for deploying NAP.

Appendix A: NAP Requirements

According to your design plan, install and configure one or more NAP certification authority (CA) servers.

Checklist: Deploy a NAP CA

According to your design plan, install and configure one or more Health Registration Authority (HRA) servers.

Checklist: Deploy an HRA Server

According to your design plan, install and configure one or more NAP health policy servers.

Note
Network Policy Server (NPS) will report client health from all system health agents (SHAs) that are enabled in a health policy. You can also configure a network policy with this health policy condition, but this is not required if an existing network policy already matches NAP client access requests. When a client requests network access, it will provide health status for all installed SHAs that are enabled in NPS health policies.

Checklist: Deploy a NAP Health Policy Server

Configure Policies for IPsec Enforcement

Configure NAP clients for the no enforcement method.

> [!NOTE] > NAP client computers configured for the no enforcement method use the same settings as the IPsec enforcement method.

Checklist: Deploy NAP Client Settings

See Also

Concepts

No Enforcement Configuration