Best Practices Analyzer for Network Policy Server

Updated: March 29, 2012

Applies To: Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

In Windows management, best practices are guidelines that are considered the ideal way—under normal circumstances and as defined by experts—to configure a server. While best practice violations, even critical ones, do not necessarily lead to problems, they indicate server configurations that can result in poor performance, poor reliability, unexpected conflicts, increased security risks, or other potential issues.

Topics in this section can help you bring Network Policy Server (NPS) running on Windows Server 2008 R2 into compliance with best practices. NPS is one of the roles services that are installed as part of the Network Policy and Access Service (NPAS) server role. Content in this section is most valuable to administrators who:

  • Have completed a Best Practices Analyzer scan of the NPAS server role.

  • Want information about how to interpret and resolve scan results that identify areas of NPS that are not compliant with best practices.

For more information about Best Practices Analyzer and scans, see Best Practices Analyzer (

More information about NPS

You can use NPS in Windows Server 2008 and Windows Server 2008 R2 to create and enforce organization-wide network access policies for client health, connection request authentication, and connection request authorization. In addition, you can use NPS as a Remote Authentication Dial-In User Service (RADIUS) proxy to forward connection requests to NPS or other RADIUS servers that you configure in remote RADIUS server groups. NPS also contains key components for deploying Network Access Protection (NAP) on your network and you can deploy NPS as a NAP health policy server. For more information about NPS, see Network Policy Server (NPS) at (