Your network contains an Active Directory domain named contoso.com. The domain
contains three VLANs. The VLANs are configured as shown in the following table.
All client computers run either Windows 7 or Windows 8.
The corporate security policy states that all of the client computers must have the latest
security updates installed.
You need to implement a solution to ensure that only the client computers that have all of the
required security updates installed can connect to VLAN 1. The solution must ensure that all
other client computers connect to VLAN 3.
Solution: You implement the IPsec enforcement method.
Does this meet the goal?
A.
Yes
B.
No
No : Components of an 802.1X enforcement design
NAP with 802.1X enforcement requires that the following components are deployed on your network:
A NAP health policy server running Windows Server 2008 R2 or Windows Server 2008 with the Network Policy Server (NPS) role service installed.
An 802.1X authenticating switch or wireless access point that supports VLAN or ACL specification through RADIUS tunnel attributes.
802.1X NAP-enabled client computers running Windows 7, Windows Vista, Windows Vista with Service Pack 1 (SP1), Windows XP with SP3, Windows Server 2008, or Windows Server 2008 R
Agree that proposed solution does not meet the given requirements. But, It does not because IPsec is not a tehnology to prevent or allow connect to a VLAN.
IPsec can be useful to rectict or allow conection betwen HOSTS.