Jeremy Moskowitz's companion book on Group Policy continues with best practices for Desktop Management. This eBook chapter is entitled 'Network Access Protection (NAP) using Group Policy' and is part of a larger series of chapters from his book, Creating the Secure Managed Desktop. Group Policy has a lot of responsibility on your network. Sure, it's got its touchy-feely side, like setting the desktop background and delivering applications' settings. But it's also got a butt-kicking side, too. And that's the side we want to show you here. In this chapter, I'll cover just one topic, but a very hot one: how to ensure that only healthy, validated machines make it onto your production network. Without knowing the "health status" of your machines, you're just letting any ol' machine join your network, regardless of what's running on them; and that's clearly unhealthy. You don't want to taint the healthy network with one all-virused-up machine. By using a new Windows Server 2008 technology called Network Access Protection in conjunction with Group Policy to configure it all, we'll have a network that automatically decides who lives and dies, er, gets on our network or not. So, strap in. It's prime time butt-kicking, Group Policy style. Learn the following things in this ground-breaking chapter: ' Learn what Network Policy Services is vs. Network Access Protection ' Create a NAP test tab, and totally WOW your boss ' Learn when clients "check in" to report their health status ' Learn how to force "unhealthy" clients to talk only with the servers you choose ' Get out of the "chicken and egg" problem so new machines can join the domain, then participate in NAP ' Learn how to make your clients "auto-remediate" and get healthy -- without doing anything by hand ' Use Group Policy with NAP to make most of the magic happen ' and about a billion more things to protect your network from the evil that's trying to get on your network. In this chapter, you'll learn how to use Network Access Protection (NAP) to ensure that only healthy clients can join your network. Come to /book to Get signed hardcopies and learn more about the printed book (as well as its companion book Group Policy Fundamentals, Security, and Troubleshooting.). At GPanswers, you'll also find supplemental downloads for these chapters as well as any downloadables for each chapter. Join the GPanswers newsletter list for news and updates.