Network Policy and Access Services
Applies To: Windows Server 2008
The Network Policy and Access Services (NPAS) server role is a logical grouping of the following related network access technologies:
Health Registration Authority (HRA)
Host Credential Authorization Protocol (HCAP)
These technologies are the role services of the NPAS server role. When you install the NPAS server role, you can install one or more role service while running the Add Roles Wizard.
Important
To deploy Network Access Protection (NAP), you must install the Network Policy Server role service. Depending on your requirements and the NAP enforcement methods you choose to deploy, you might also need to install the RRAS, HRA, or HCAP role services.
Network Policy Server
NPS is the Microsoft implementation of a Remote Authentication Dial-In User Service (RADIUS) server and proxy. You can use NPS to centrally manage network access through a variety of network access servers, including 802.1X authenticating switches and wireless access points, VPN servers, and dial-up servers. In addition, NPS is configurable as a Network Access Protection (NAP) policy server.
For more information, see:
Routing and Remote Access
Using Routing and Remote Access, you can deploy Point-to-Point Tunneling Protocol (PPTP), Secure Socket Tunneling Protocol (SSTP), or Later Two Tunneling Protocol (L2TP) with Internet Protocol security (IPsec) VPN connections to provide end users with remote access to your organization's network. You can also create a site-to-site VPN connection between two servers at different locations.
For more information, see:
Health Registration Authority (HRA)
HRA is a Network Access Protection (NAP) component that issues health certificates to clients that pass the health policy verification that is performed by NPS using the client statement of health (SoH). HRA is used only with the NAP IPsec enforcement method.
For more information, see:
Host Credential Authorization Protocol (HCAP)
HCAP allows you to integrate your Microsoft NAP solution with Cisco Network Access Control Server. When you deploy HCAP with NPS and NAP, NPS can perform client health evaluation and the authorization of Cisco 802.1X access clients.
For more information, see:
Other Resources
Windows Server 2008 TechCenter: Network Policy and Access Services
TechCenters provide links to content outside of the Technical Library, including Knowledge Base articles, downloads, technical articles, and other resources.