Sim. Você quer o NAP Enforcement. Existem componentes do NAP Enforcement para 802.1x, DHCP, IPsec, VPN, etc. Você pode combinar vários métodos de imposição de NAP para aumentar a segurança com o custo de maior complexidade.
Network Access Protection (NAP) enforcement for 802.1X port-based network access control is deployed by using a server running Network Policy Server (NPS) and an Extensible Authentication Protocol (EAP) host enforcement client component. With 802.1X port-based enforcement, the NPS server instructs an 802.1X authenticating switch or an 802.1X-compliant wireless access point to place noncompliant 802.1X clients on a remediation network. The NPS server limits network access by the client to the remediation network by applying IP filters or a virtual LAN identifier to the connection. 802.1X enforcement provides strong network restriction for all computers accessing the network by using 802.1X-capable network access servers.
Veja algumas informações mais específicas sobre o componente de imposição de VPN:
Network Access Protection (NAP) enforcement for virtual private networking (VPN) is deployed with a VPN enforcement server component and a VPN enforcement client component. Using this enforcement method, VPN servers can enforce health policy when client computers attempt to connect to the network using a VPN connection. VPN enforcement provides strong limited network access for all computers accessing the network through a VPN connection.