Security Solutions

Addendum to the ProCurve Access Control Security Design Guide
Microsoft NAP
DHCP
The DHCP method requires that DHCP run on Windows Server 2008 and
also requires Active Directory Domain Services. Figure A-7 shows the network
access method with DHCP.
Figure A-7. DHCP Network Access
1. The NAP client (using the DHCP NAP EC) sends its SSoH to a DHCP server, using DHCP protocols.
2. The DHCP server sends the client’s SSoH to the NPS, using RADIUS messages.
3. The NPS performs a system health validation and sends its verdict to the DHCP client.
4. The DHCP server takes one of the following actions:
   a. If the endpoint is non-compliant, the DHCP server assigns the endpoint a subnet mask of 255.255.255.255 and no default gateway, preventing the endpoint from reaching any other IP address. The DHCP server also sends the endpoint static routes to addresses in the restricted subnet.
   b. If the endpoint is compliant, the DHCP server assigns it an IP address that gives it unrestricted network access (in one of the normal subnets).
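The lease decision in step 4, modelled as an added example (not code from the guide or from Microsoft) to show what a client's routing table can reach under each verdict. All addresses, next hops and function names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Constructed sample values, not taken from the guide.
CLIENT_IP = "10.1.1.50"
NORMAL_MASK = "255.255.255.0"
GATEWAY = "10.1.1.1"
# Static routes to hosts in the restricted subnet: (destination, next hop).
RESTRICTED_ROUTES = [("10.9.0.10/32", GATEWAY), ("10.9.0.11/32", GATEWAY)]

@dataclass
class Lease:
    address: str
    netmask: str
    gateway: Optional[str] = None
    static_routes: List[Tuple[str, str]] = field(default_factory=list)

def build_lease(compliant: bool) -> Lease:
    """Step 4: choose lease options from the NPS health verdict."""
    if compliant:
        return Lease(CLIENT_IP, NORMAL_MASK, GATEWAY)
    # Non-compliant: host mask, no default gateway, routes to restricted hosts only.
    return Lease(CLIENT_IP, "255.255.255.255", None, list(RESTRICTED_ROUTES))

def reachable(lease: Lease, destination: str) -> bool:
    """Does the client's routing table hold any route to this destination?"""
    dst = ipaddress.ip_address(destination)
    on_link = ipaddress.ip_network(f"{lease.address}/{lease.netmask}", strict=False)
    if dst in on_link:
        return True
    if any(dst in ipaddress.ip_network(cidr) for cidr, _ in lease.static_routes):
        return True
    return lease.gateway is not None  # a default route covers everything else

def reachability_report(compliant: bool) -> dict:
    lease = build_lease(compliant)
    targets = {"remediation server": "10.9.0.10", "same-segment peer": "10.1.1.20",
               "other subnet": "10.2.0.5"}
    return {name: reachable(lease, ip) for name, ip in targets.items()}

if __name__ == "__main__":
    for verdict in (False, True):
        print("compliant" if verdict else "non-compliant", reachability_report(verdict))
```

The model covers only the routes the lease gives the client; it says nothing about filtering done elsewhere in the network.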