
I'm learning about NAP enforcement in Windows Server 2008 R2.

I am unable to grasp how to enforce NAP based on port. I understand that 802.1x wired NAP Enforcement uses switches to decide whether a computer is compliant enough to go on the network, or whether the computer should go to a remediation network.

I've been trying to Google steps for how port numbers come into play when using 802.1x wired NAP Enforcement for the past hour, but nothing has come up. The closest thing to being helpful was this:

http://technet.microsoft.com/en-us/library/cc770861(v=ws.10).aspx

and

http://msdn.microsoft.com/en-us/library/dd125336(v=ws.10).aspx

Please point me in the right direction.

Thanks

Glowie

1 Answer


Port-based NAP isn't about TCP/IP ports. It's about physical switch ports. The things we plug the Ethernet cables into. You need a switch which supports it.

Port numbers do come into play when setting up a noncompliance network policy - you define which IP addresses and which ports the computer is allowed to communicate on when it is not compliant and not allowed on the entire network. Usually this will include things like antivirus and Windows Update servers, so it has access to the resources it needs to become compliant.

Grant
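As an added illustration (not part of the answer above, and not Microsoft's or any switch vendor's code), the following Python model separates the two meanings of "port" the answer distinguishes: health state is tracked per physical switch port, while TCP/UDP port numbers appear only in the filter applied to noncompliant hosts. The interface names, addresses, servers and port numbers are constructed assumptions.

```python
import ipaddress
from typing import NamedTuple

class Permit(NamedTuple):
    network: str    # destination a restricted host may still reach
    protocol: str   # "tcp" or "udp"
    port: int       # TCP/UDP destination port number

# Constructed remediation filter for noncompliant hosts.
# Addresses are documentation-range placeholders; ports are assumptions.
REMEDIATION_FILTER = [
    Permit("192.0.2.10/32", "tcp", 443),  # assumed antivirus update server
    Permit("192.0.2.20/32", "tcp", 80),   # assumed Windows update server
    Permit("192.0.2.53/32", "udp", 53),   # assumed DNS server
]

# Health state per physical switch port (the 802.1X sense of "port"),
# keyed by constructed interface names.
SWITCH_PORT_STATE = {"Gi0/1": "compliant", "Gi0/2": "noncompliant"}

def is_allowed(switch_port, dst_ip, protocol, dst_port):
    """Return True if traffic entering on switch_port may be forwarded."""
    state = SWITCH_PORT_STATE.get(switch_port)
    if state == "compliant":
        return True           # compliant host: full network access
    if state != "noncompliant":
        return False          # unknown or unauthenticated port: fail closed
    dst = ipaddress.ip_address(dst_ip)
    # Noncompliant host: only destinations listed in the filter are reachable.
    return any(
        dst in ipaddress.ip_network(rule.network)
        and protocol == rule.protocol
        and dst_port == rule.port
        for rule in REMEDIATION_FILTER
    )

if __name__ == "__main__":
    flows = [  # constructed sample traffic
        ("Gi0/1", "198.51.100.7", "tcp", 445),
        ("Gi0/2", "192.0.2.20", "tcp", 80),
        ("Gi0/2", "198.51.100.7", "tcp", 445),
        ("Gi0/3", "192.0.2.53", "udp", 53),
    ]
    for flow in flows:
        print(flow, "->", "allow" if is_allowed(*flow) else "deny")
```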