The Network Access Protection Client for Windows XP is the same “platform” as the one shipping in Windows VISTA. However, some of the ways it differentiates itself from XP are:

• It is built-in to the product (out-of-the-box)
• An administration console is available for local and Group Policy configuration.
• The Windows System Health Agent (built-in “client” piece of NAP) takes advantage of Windows Defender support in the Security Center.
• The underlying enforcement technologies have advanced features including: Authenticated IP for IPsec and Single Sign-On support for 802.1x.

As a platform is the same, this has advantages for those who want to extend NAP. Vendors can write NAP extensions ONCE, and use it on many OS platforms. It will also enable NAP deployments to define their server-side policies ONCE, no matter where they are in their migration towards VISTA clients.

- Rob Trace

Program Manager

Network Access Protection

Rob.Trace@online.microsoft.com