Provide secure connections for computers

Updated: June 9, 2010

Applies To: Windows Server 2008, Windows Server 2008 R2

You can use the goals below to determine your preferred method for providing secure connections for computers.

• Create and enforce health requirement policies that define the required software and system configurations for computers that connect to your network

• Block or allow incoming and outgoing connections according to the rules that you create

• Isolate both your domain and your servers that store sensitive data in order to limit network access to only authenticated and authorized users

Create and enforce health requirement policies that define the required software and system configurations for computers that connect to your network

To accomplish this goal, you can deploy Network Access Protection (NAP) using both client and server components, as well as network access servers that are compliant with the Remote Authentication Dial In User Service (RADIUS) protocol. For more information, see Network Access Protection at https://go.microsoft.com/fwlink/?LinkID=113053.

Block or allow incoming and outgoing connections according to the rules that you create

To accomplish this goal, you need to configure Windows Firewall with Advanced Security and Internet Protocol security (IPsec). For more information, see Windows Firewall at https://go.microsoft.com/fwlink/?LinkID=95393.

Isolate both your domain and your servers that store sensitive data in order to limit network access to only authenticated and authorized users

To accomplish this goal, you need to deploy Active Directory® Domain Services (AD DS) and Group Policy settings. For more information, see Windows Firewall with Advanced Security and IPsec at https://go.microsoft.com/fwlink/?LinkID=141086.