After we have successfully installed NPS (Network Policy Services) we are able to deploy NPA (Network Access Protection). This will further enhance our VPN connections (or even LAN connections if we wanted too).
What is NPA, in a nutshell, it’s a system to enforce certain rules on a PC that is connected to our network. For instance NPA will allow an administrator to enforce that all PC’s have auto update switched on, or even that it is fully patched, before such a PC is allowed full access to the network, if it doesn’t comply with this policy, it is either revoked access, or allowed limited access to certain services, so that it can actually be repaired. In this case, if the PC doesn’t have auto update switched on, it could then be switched on automatically, or if it is not fully patched, we would allow access to a WSUS server, so that it actually can be patched to the level required by the policy. As soon as it has met the requirements, full access is restored. The servers or services are that are used to “repair” a client are called remediation services.