Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2008 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED,

Published byHerbert McCoy Modified over 8 years ago

Similar presentations

Presentation on theme: "© 2008 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED,"— Presentation transcript:

1 © 2008 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Network Access Protection Working to ensure that laptops don’t infect your network with malware – without buying yet another product

2 “Third-party security vendors will want to be part of the NAP party” Alan Stevens, IT Week, 30 July 2007 http://www.itweek.co.uk/itweek/comment/2195249/nac-solution-looking-problem

3 How do you deal with managing the health of machines connecting to your network? Owned Assets Guests \ Consultants Uninvited Visitors

4 The four elements of NAP NAP is a health solution ! Health Policy Validation Network Restriction Remediation Ongoing Compliance

5 Network Protection with NAP Requesting access. Here’s my new health status. MS NPS Client VISTA XP SP3 Network Access Device Remediation Servers May I have access? Here’s my current health status. Should this client be restricted based on its health? Ongoing policy updates to Network Policy Server You are given restricted access until fix-up. Can I have updates? Here you go. According to policy, the client is not up to date. Quarantine client, request it to update. Restricted Network Client is granted access to full intranet. System Health Servers According to policy, the client is up to date. Grant access.

6 NAP Architecture Client SHA – System Health Agents check client state Nap Agent – Coordinates SHA/EC EC – Enforcement Client controls network access Remediation Server Serves up patches, AV signatures, etc. Network Policy Server NAP Server – evaluates client health SHV - System Health Validator evaluates SHA answer from clients System Health Server – Management \ Health products like System Center Configuration Manager NPS Policy Server (RADIUS) NAP Server Client NAP Agent Health policy Updates Health Statements Network Access Requests System Health Servers Remediation Servers Health Certificate Network Access Devices Certificate Services (IPSEC) (SHA) MS SHA, SMS (SHA) MS SHA, SMS System Health Validator (EC) (DHCP, IPSec, 802.1X, VPN ) (SHA) 3 rd Parties (SHA) 3 rd Parties (EC) 3 rd Party EAP VPN’s

7 NAP - Enforcement Options

8 What health items can NAP assess? Any application that integrates with the Windows Security Center Firewall Status Automatic Updating Antivirus - Enbabled and Up to Date On Vista: AntiMalware – Enabled and up to date Microsoft System Center Configuration Manager 2007 for software updates. Microsoft Forefront Client Security A range of third health and management products

9 What do I need to make this work? At least one Windows Server 2008 Network Policy Server Clients must be running Windows XP SP3, Vista or Windows Server 2008 MAC \ Linux clients? We have partners delivering solutions A deployment plan: Reporting Mode Deferred Enforcement Enforcement

10 NAP works with the Industry Rich Platform APIs for network, security and management ISVs/IHVs Broadly Adopted 120+ partners developing solutions on NAP Anti Virus, network, security vendors + System Integrators Most Interoperable network health Solution Tested with over 98% of switch and access point market Integration with 3 rd party VPN underway Standards NAP Protocol now adopted by Trusted Computing Group as a standard mechanism for communicating health! Protects your customers investments

11 What is Microsoft Forefront? Microsoft Forefront is a comprehensive line of business security products providing greater protection and control through integration with your existing IT infrastructure and through simplified deployment, management, and analysis. Edge Client and Server OS Server Applications

12 IT Service Management Data Protection Manager ‘Service Desk’ Capacity Planner Reporting Manager Operations Manager Client Data Storage & Recovery Problem Management Capacity Management IT Reporting Client Operations Management Configuration Manager Operations Manager Performance & Availability Monitoring Software Update & Deployment Microsoft System Centre Enabler for Microsoft’s Best Practices Microsoft Operations Framework Infrastructure Optimization

13 Call to action Don’t buy another product without looking closely at the features you’ve already paid for! Stop.

14 Next steps Receive the latest Security news, sign-up for the: Microsoft Security Newsletter Microsoft Security Notification Service Assess your current IT security environment Download the free Microsoft Security Assessment Tool Find all your security resources here http://www.microsoft.com/uk/security/infosec2008 http://www.microsoft.com/uk/security/infosec2008

15 Session Evaluation Hand-in you session evaluation on your way out Win one of 2 Xbox 360 ® Elite’s in our free prize draw* Winners will be drawn at 3.30 today Collect your goody bag which includes. Windows Vista Business (Upgrade), Forefront Trials, Forefront Hand-On-Labs Security Resources CD I’ll be at the back of the room if you have any questions * Terms and conditions apply, alternative free entry route available.

Download ppt "© 2008 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED,"

Similar presentations

Selecting the Right Network Access Protection (NAP) Architecture Infrastructure Planning and Design Published: June 2008 Updated: November 2011.

Selecting the Right Network Access Protection (NAP) Architecture Infrastructure Planning and Design Published: June 2008 Updated: November 2011.
Tech·Ed North America /6/2017 9:33 AM

Tech·Ed North America /6/2017 9:33 AM
Network Access Protection & Network Admission Control March 10, 2005 Teerapol Tuanpusa Network Consultant Cisco Systems Thailand Jirat Boomuang Technology.

Network Access Protection & Network Admission Control March 10, 2005 Teerapol Tuanpusa Network Consultant Cisco Systems Thailand Jirat Boomuang Technology.
5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.

5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.
May 30 th – 31 st, 2006 Sheraton Ottawa. Network Access Protection Gene Ferioli Program Manager Customer Advisory Team Microsoft Corporation.

May 30 th – 31 st, 2006 Sheraton Ottawa. Network Access Protection Gene Ferioli Program Manager Customer Advisory Team Microsoft Corporation.
Agenda Introduction Network Access Protection platform architecture

Agenda Introduction Network Access Protection platform architecture
A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.

A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.
Unleashing the Power of Ubiquitous Connectivity with IPv6 Sandeep K. Singhal, Ph.D Director of Program Management Windows Networking.

Unleashing the Power of Ubiquitous Connectivity with IPv6 Sandeep K. Singhal, Ph.D Director of Program Management Windows Networking.
Module 3 Windows Server 2008 Branch Office Scenario.

Module 3 Windows Server 2008 Branch Office Scenario.
Providing 802.1X Enforcement For Network Access Protection Mudit Goel Development Manager Windows Enterprise Networking Microsoft Corporation.

Providing 802.1X Enforcement For Network Access Protection Mudit Goel Development Manager Windows Enterprise Networking Microsoft Corporation.
Ronald Beekelaar Beekelaar Consultancy Forefront Overview.

Ronald Beekelaar Beekelaar Consultancy Forefront Overview.
Copyright© 2005-2006 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.

Copyright© Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.
Network Access Protection Platform Architecture Joseph Davies Technical writer Windows Networking and Device Technologies Microsoft Corporation.

Network Access Protection Platform Architecture Joseph Davies Technical writer Windows Networking and Device Technologies Microsoft Corporation.
1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.

1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Ronald Beekelaar Beekelaar Consultancy Forefront Overview.

Ronald Beekelaar Beekelaar Consultancy Forefront Overview.
Jayson Ferron CIO Interactive Security Training WSV206.

Jayson Ferron CIO Interactive Security Training WSV206.
Security and Policy Enforcement Mark Gibson Dave Northey

Security and Policy Enforcement Mark Gibson Dave Northey
WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR May 30, 2009 05/30/2009.

WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR May 30, /30/2009.
Threat Management Gateway 2010 Questo sconosciuto? …ancora per poco! Manuela Polcaro Security Advisor.

Threat Management Gateway 2010 Questo sconosciuto? …ancora per poco! Manuela Polcaro Security Advisor.

Similar presentations

Ads by Google