To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Questions about MS-NAP integration

Options
Inter_Eng
Inter_Eng W/ Alumni Posts: 3 Security Scout

Dear members

 

We are looking into a deployment and how it could integrate with MS NAP. I'm no MS NAP expert so I would like to exploit your expirience on the field.

 

I understand that FSCS has NAP integration so it can report to MS-NAP it's health state. Based on the result the an 802.1 compliant switch can isolate / restrict the client.

 

But here are my questions:

1. Is it possible for NAP to isolate new and unprotected computers? E.g. detect that a computer does not have F-secure installed on it and thus 'command' it's isolation.

2. If Question 1 is yes, this can happen on workstations that are part of the domain or stand-alone workstations also?

3. Could MS NAP used to automatically deploy F-Secure software to the endpoint? Again feedback needed in case the endpoint is part of a windows domain, and in case it is a stand-alone (a visitor's laptop) host

 

Thank you

Costas

Comments

  • Vad
    Vad W/ Alumni Posts: 1,069 Cybercrime Crusader
    Options

    Hello Costas,

     

    > 1. Is it possible for NAP to isolate new and unprotected computers? E.g. detect that a computer does not have F-secure installed on it and thus 'command' it's isolation.

     

    No. NAP support module is installed in process of product installation.

     

    > 3. Could MS NAP used to automatically deploy F-Secure software to the endpoint?

     

    No. You can use Policy manager for that.

     

    Best regards,

    Vad.

This discussion has been closed.