Security in Winsows Vista: UAP and NAP Framework

Windows Vista improves the Windows privilege model to help prevent users from running programs that attempt to perform operations that the user doesn’t really intend or authorize with User Account Protection (formerly called Least-privileged User Account, or LUA), which enables users to run at low privilege most of the time, while being able to easily run applications requiring more privilege as necessary.

In addition, the Network Access Protection (NAP) framework enables system administrators to define and enforce policies that require network clients to establish their trustworthiness and compatibility with the network before being given a specified access. Developers use API-level access to NAP and the Windows Filtering Platform (WFP) to reduce user and administrator security workloads by providing application-specific security settings supporting Firewall and NAT transversal, allowing more detailed (down-to-packet-level) screening of data transmissions, and isolating and validating new tools and their configurations prior to fully installing and integrating them into a running system.

Adopted from http://blogs.msdn.com/johnmont/archive/2005/07/27/443920.aspx by John Montgomery. He also talked about many other features in Windows Vista in his post.