My sitation is the following: I do have a Domain based on Windows 2008 R2 servers and 802.1x enabled network infrastructure that is NAP capable in the main office. NAP is enabled and in combination with our AV solution and the WSUS, everything works like a charme.
The problem is the following: Since about 2 weeks there are three branch offices (belonged to another company before) and their system has to be integrated into our.
My question is now how to best enforce NAP within in this bracnh offices? Is this possible via a simple VPN connection or shall I install an RODC at the branch site?