0

NPS is Network Policy and Access Services, and is one of the roles that can be assigned to a Windows Server.

I have a Windows domain with two subnets running over an MPLS. Each subnet has a Domain Controller - one is master, the other is secondary.

Altogether, there may be about 50 machines in the entire network.

Do I need to have NPS configured in my domain?

bgmCoder
  • 706
  • 4
  • 16
  • 29

1 Answers1

0

I don't think anyone can truly answer this question with the information you have provided. You may need to make that decision based on the needs of your users and organization. This is a great starting point though for making that decision....

NPS Link

htm11h
  • 170
  • 11
  • Ugh - it's so much stuff. What details would I need to provide in order for someone to at least give an opinion? – bgmCoder Jul 26 '16 at 19:01
  • I don't mean to sound terse, but read a little bit and see if you can at least define the end user needs, and whether your organization has any restrictions or requirements that need to be met or followed or restricrted for that matter. There are ways to accomplish some of what NPS does without a full implementation, it just all depends. – htm11h Jul 26 '16 at 19:03
  • 1
    do you need VPN access that will be handled by the Windows OS or do you use a firewall product, Do you need IPsec, do you need WiFi security controls? Are you migrating from Server 2008 that uses Routing and Remote Access, or are you migrating an IAS server? these are just some high level questions. – htm11h Jul 26 '16 at 19:11
  • We have vpn access that is handled by the firewall-router (not the server). I would answer no to all of your questions so far. – bgmCoder Jul 26 '16 at 19:13
  • Most of the remaining assessment issues would fall in the category of priority to protect your network and its data. This would be an organization issue. – htm11h Jul 26 '16 at 19:19
  • Government entity? Medical HIPPA requirements, things like that? think of it like this, the only safe computer is one that is not connected to the internet, so how much risk do you care to take? – htm11h Jul 26 '16 at 20:31
  • My primary intention for asking was to find out if anything will break if I don't set it up. I actually had the role installed but never configured - and this for a long time. Do I even need it? It seems optional. – bgmCoder Jul 27 '16 at 00:48
  • It is an additional configurable element of the OS. Should you use it in today's internet world probably yes, can you get by without it, yes. – htm11h Jul 27 '16 at 14:24