Network Access Protection in Windows Server vNext

Network Access Protection in Windows Server vNext

To me, Network Access Protection (NAP) was a wonderful technology, allowing IT and network administrators to segregate trusted connections from untrusted and temporary connections, or to allow administrators to stay computers from connecting to the corporate network until they met the current operating level. In essence, it was a sort of decompression chamber like you see in Sci-Fi movies, allowing space walkers to acclimate to the environment and shed potential mutagens before joining the rest of the crew.

NAP was introduced to the DHCP Server role with the release of Windows Server 2008. The technology was deprecated when Microsoft delivered Windows Server 2012 R2. This was a change from the original Windows Server 2012 release where it was still included and supported. NAP was deprecated in lieu of newer technologies such as DirectAccess and Windows Web Application Proxy.

Now, comes Windows Server Technical Preview for Windows Server vNext (or Windows Server 10). NAP is still a fully supported technology for Windows Server 2008 through Windows Server 2012 R2 (though deprecated), but in Windows Server 10 its gone missing completely.

In Windows Server Technical Preview, DHCP servers are no longer capable of enforcing NAP policies, and DHCP scopes cannot be NAP-enabled. So, if you're planning to deploy Windows Server 10 when released and are currently vested in NAP, you should start now to understand DirectAccess and Windows Web Application Proxy and plan your migrations to these technologies.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.