AI
Monday, June 05, 2006 12:37:59 PM
dig space, re: NAP
A look at Microsoft's NAP for starters...
>>>
The overall NAP architecture consists of eight components:
- The three NAP client components (an SHA layer, the Quarantine Agent, and a QEC layer)
- The four NAP server-side components (an SHV layer, the Quarantine Server, IAS, and a QES layer)
- Policy servers
The following figure shows the relationships between the components of the NAP platform.
Notice the matching of the following sets of components:
- QECs and QESs are typically matched.
For example, the DHCP QEC on the NAP client is matched to the DHCP QES on the NAP server.
- SHAs, SHVs, and policy servers can be matched.
For example, an antivirus SHA on the client is matched to an antivirus SHV on the quarantine-capable server and to an antivirus signature policy server.
The NAP server can have SHVs that do not have a corresponding SHA or policy server. For example, a SHV that checks with an intrusion detection system (IDS) server before making the quarantine decision may not have a corresponding SHA or policy server.
To extend the NAP platform and create a new method by which the health of a connecting client is evaluated, third-party software vendors must create an SHA for the NAP client, an SHV for the IAS server or the NAP servers that provide or authorize network access, and, if needed, a policy server. If the policy server already exists, such as an antivirus signature distribution server, then only the corresponding SHA and SHV components need to be created. In some cases, a policy server is not needed.
<<<
http://msdn.microsoft.com/library/en-us/nap/nap/nap_server_architecture.asp?frame=true
tinyURL: http://tinyurl.com/ot7g2
NAP start page:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/nap/nap/network_access_protection_s....
tinyURL: http://tinyurl.com/rrb2b
(SHA = System Health Agent, SHV = System Health Validator)
Regards
SL
A look at Microsoft's NAP for starters...
>>>
The overall NAP architecture consists of eight components:
- The three NAP client components (an SHA layer, the Quarantine Agent, and a QEC layer)
- The four NAP server-side components (an SHV layer, the Quarantine Server, IAS, and a QES layer)
- Policy servers
The following figure shows the relationships between the components of the NAP platform.
Notice the matching of the following sets of components:
- QECs and QESs are typically matched.
For example, the DHCP QEC on the NAP client is matched to the DHCP QES on the NAP server.
- SHAs, SHVs, and policy servers can be matched.
For example, an antivirus SHA on the client is matched to an antivirus SHV on the quarantine-capable server and to an antivirus signature policy server.
The NAP server can have SHVs that do not have a corresponding SHA or policy server. For example, a SHV that checks with an intrusion detection system (IDS) server before making the quarantine decision may not have a corresponding SHA or policy server.
To extend the NAP platform and create a new method by which the health of a connecting client is evaluated, third-party software vendors must create an SHA for the NAP client, an SHV for the IAS server or the NAP servers that provide or authorize network access, and, if needed, a policy server. If the policy server already exists, such as an antivirus signature distribution server, then only the corresponding SHA and SHV components need to be created. In some cases, a policy server is not needed.
<<<
http://msdn.microsoft.com/library/en-us/nap/nap/nap_server_architecture.asp?frame=true
tinyURL: http://tinyurl.com/ot7g2
NAP start page:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/nap/nap/network_access_protection_s....
tinyURL: http://tinyurl.com/rrb2b
(SHA = System Health Agent, SHV = System Health Validator)
Regards
SL
"RTFM"
Join the InvestorsHub Community
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
