Network Policy Server (NPS) provides three types of policies:

  • Connection request policies. Sets of conditions and settings that specify which RADIUS servers perform the authentication, authorization, and accounting of connection requests received by the NPS server from RADIUS clients. Connection request policies can be configured to designate which RADIUS servers are used for RADIUS accounting.


    When you deploy Network Access Protection (NAP) using the VPN or 802.1X enforcement methods with PEAP authentication, you must configure PEAP authentication in connection request policy even when connection requests are processed locally.

  • Network policies. Sets of conditions, constraints, and settings that specify who is authorized to connect to the network and the circumstances under which they can or cannot connect. When you deploy NAP, health policy is added to the network policy configuration so that NPS performs client health checks during the authorization process.

  • Health policies. One or more system health validators (SHVs) and other settings that allow you to define client computer configuration requirements for the NAP-capable computers that attempt to connect to your network. Health policies are used only with NAP.


These policies are different from and unrelated to Group Policy.

See Also