MS Network Access Protection (NAP) -- Paranoid Visions
TheRegister has an informative, and pretty short, article on MS NAP, a technology that should help keep networks clear of worm activity by requiring all machines to have up-to-date patching and anti-virus before the network equipment will let them play with others.
Now lets gloss over the more obvious question, how do you get a machine on the network for the first time, as it’s simple, the kind of company that actually needs this will have a patch management system in place for new builds (maybe just something like MS SUS) to bootstrap the process. The real questions to ask are, will any anti-virus software except MS Anti-virus (or what ever they call it by then) actually work with this? And more importantly will it be easy to turn this feature off so we can add *Nix boxes to the network?