InfotechGuyz.com Blog

How to deploy a Server 2008 Network Policy Server

Installing the Network Policy Server role on Server 2008 makes it an Enforcement Server and System Health Agent.

Network Policy Server Terminology

- 802.1X authentication
Server 2008 Network Policy Server can validate clients and place them in an 802.1X network. As Wikipedia explains it, IEEE 802.1X is an IEEE standard for port-based Network Access Control. It provides authentication to devices attached to a LAN port, establishing a point-to-point connection or preventing access from that port if authentication fails.

- Internet Protocol Security (IPSec)
Server 2008 Network Policy Server can validate IPSec clients based on their health. As Wikipedia explains it, IPsec (IP security) is a suite of protocols for securing Internet Protocol (IP) communications by authenticating and/or encrypting each IP packet in a data stream. IPsec also includes protocols for cryptographic key establishment.

- Virtual private network (VPN) connections
Server 2008 Network Policy Server can validate VPN clients based on their health. As Wikipedia explains it, a virtual private network (VPN) is a computer network in which some of the links between nodes are carried by open connections or virtual circuits in some larger network (e.g., the Internet) instead of by physical wires. The link-layer protocols of the virtual network are said to be tunneled through the larger network when this is the case.

- Dynamic Host Configuration Protocol (DHCP) addresses
Server 2008 Network Policy Server can validate DHCP clients and lease IP addresses based on their health status. As Wikipedia explains it, Dynamic Host Configuration Protocol (DHCP) is a protocol used by networked devices (clients) to obtain the parameters necessary for operation in an Internet Protocol network.

 

Install Network Policy Server Role

  1. Open Server Manager
  2. Click Add Roles
  3. Click Next
  4. Choose “Network Policy and Access Services”
  5. Click Next
  6. Choose “Network Policy Server”, “Routing and Remote Access Service” and “Health Registration Authority”
  7. Choose to install a local CA or use a remote CA
  8. Confirm settings and click Install

 


 

Enforcing Policies with Server 2008 Network Policy Server

The Network Policy Server MMC console can be used to manage the server. Open it from Start > All Programs > Administrative Tools > Network Policy Server. I won’t go through the details, but below is the process of configuring Server 2008 Network Policy Server.

1. Create a System Health Validator.
2. Create a health policy for compliant clients.
3. Create a health policy for noncompliant clients.
4. Create a network policy for compliant clients.
5. Create a network policy for noncompliant clients.
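
The five objects above fit together as a small decision chain. The following is an added example, not code from the original post or from Microsoft: a simplified Python model of that chain. The check names, policy names and access levels are assumptions chosen for illustration.

```python
# Added illustration: a simplified model of the evaluation chain, not NPS itself.
from dataclasses import dataclass

# Step 1. System Health Validator: checks a client must pass (constructed set).
SHV_REQUIRED = ("firewall_enabled", "antivirus_enabled", "auto_update_enabled")

def run_shv(statement_of_health):
    """Return the required checks the client fails; a missing value fails."""
    return [c for c in SHV_REQUIRED if not statement_of_health.get(c, False)]

# Steps 2 and 3. Health policies turn the SHV result into a match / no match.
HEALTH_POLICIES = {
    "Compliant": lambda failed: len(failed) == 0,     # passes all SHV checks
    "Noncompliant": lambda failed: len(failed) > 0,   # fails one or more checks
}

@dataclass
class NetworkPolicy:
    name: str
    health_policy: str   # condition: the health policy that must match
    access: str          # setting applied when this policy matches

# Steps 4 and 5. Network policies, listed in processing order.
NETWORK_POLICIES = [
    NetworkPolicy("Full access for compliant", "Compliant", "full"),
    NetworkPolicy("Restricted for noncompliant", "Noncompliant", "restricted"),
]

def evaluate(statement_of_health):
    """Return (policy name, access level, failed checks) for one client."""
    failed = run_shv(statement_of_health)
    for policy in NETWORK_POLICIES:          # first matching policy wins
        if HEALTH_POLICIES[policy.health_policy](failed):
            return policy.name, policy.access, failed
    return None, "denied", failed            # no policy matched the request

if __name__ == "__main__":
    # Constructed sample clients: one healthy, one with gaps in its report.
    healthy = {"firewall_enabled": True, "antivirus_enabled": True,
               "auto_update_enabled": True}
    stale = {"firewall_enabled": True, "antivirus_enabled": False}
    for soh in (healthy, stale):
        print(evaluate(soh))
```

Note that a client which does not report a check at all is treated as failing it, so an incomplete health report lands in the noncompliant policy rather than getting full access.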
