[#enfrcpol]:

Enforcing Policies

There are various ways to enforce policies.

Windows Group Policy
part
Network Access Control

This allows a server to perform some tests. The results of these tests may determine whether a network interface port on a switch remains active, or what information DHCP hands out to a client. Therefore, the server has some ability to control what type of access another device will have on a network.

Status

In 2010, NetworkWorld article on NAC gone wrong states, “Agreement on what NAC really means and the right approach to NAC remain as elusive today as in 2005, when the first NAC products burst on the scene.”

(That's an old article, and one article might be quite little to make a sweeping judgement. Still, that doesn't sound like a very positive judgement.)

Specific implementations
802.1x

Cisco offerings
Network Admission Control

Wikipedia's article for “Network Admissino Control”

Identity Services Engine (“ISE”)

This software might not be specific to just NAC, but it does seem to provide some similar features. For instance, both ISE and MAC can consider whether a client's anti-virus software is up to date.

Network Access Protection

XP SP3 NAP Rude Q and A, Features Removed or Deprecated in Windows Server 2012 R2

There's at least a few articles on Microsoft's site. e.g.: Network Acces Protection Using 802.1x VLANs or Port ACLs