Installed Symantec EndPoint on VistaBiz. Windows Security Health Agent alert that was showing originally (Anti-virus missing) doesn't show anymore. Tried to turn off anti-virus protection & windows firewall (to check for auto-remediation). Nothing happens. tried to release ip and renew ip address. No change.

Created second vista business client named client2, with just basic softwares.

add client2 to NAP enforced computers/group, joined nypfypj network.

health alert randomly pops up upon releasing/renewing ip address at command prompt, re-enabling of firewall is not stable (sometimes it happens sometimes it doesnt)

check NAP to confirm auto-remediation is configured (yes) reboot NAP

checked configurations using cmd
checked netsh nap client show grouppolicy

in results displayed found out DHCP Quarantine Enforcement Client isnt enabled
enable DHCP Quarantine Enforcement Client
- netsh nap client set enforcement ID = 79617 ADMIN = "ENABLE"

some useful commands learnt in context to Network Access Protection
- netsh nap client show state
- netsh nap client show config
- netsh nap client show grouppolicy
- net stop napagent && net start napagent

Mr Kravitz came to check on our progress yesterday afternoon, when he was here we tried out auto-remediation on client2. It worked. Then after he left, we tried again. It didn't work again. >.<

He also taught us how to use VM snapshots, which is a similar feature to restore point on normal windows.

While double checking and trying to troubleshoot NAP today, found out that dynamic ip given to the work stations aren't in the DHCP address range set on the DHCP server, we're hoping this is the reason for the on and off working remediation.