Health policies define which system health validators (SHVs) are evaluated, as well as how they are used to evaluate the health status of Network Access Protection (NAP) client computers. Based on the results of SHV checks, health policies classify client health status. When you create a health policy, you can enable one or more installed SHVs and select one of the following SHV checks.

You must select at least one SHV to use in a health policy. SHVs that are not selected in a health policy are not evaluated by the policy. The following types of SHV checks are available in a health policy:

Although some SHVs check multiple settings on a client computer, an SHV check is an evaluation of the client computer against all requirements of the SHV. For example, the Windows Security Health Validator (WSHV) can check client computers for multiple software requirements and settings. A client computer might pass some of these checks, but it must meet all requirements of the SHV to pass the SHV check.

The Setting option under SHVs used in this health policy is new in Windows Server 2008 R2. If an SHV supports the storing of multiple configurations, you can use this setting to choose one of these configurations to use with your health policy. If an SHV does not support the storing of multiple configurations, you must configure settings in the Default Configuration.

Additional references