Lees also gave the first public demonstrations of several new security technologies, most notably a new "client inspection and isolation" tool, planned for the next major update of Windows Server 2003.

The tool automatically inspects PCs trying to connect to a corporate network--including those using the often troublesome virtual private network technology for remote connections--to ensure that the machine is properly configured for basic security. If the PC is found lacking a security feature--for example, if the firewall is switched off or if the antivirus software is out-of-date--the server can remotely update it before allowing the PC to connect to the network.

"It really helps you secure the perimeter," Lees said. "You get to frisk the client, make sure it's clean...before you let it into your network."
Source : http://zdnet.com.com/2100-1104_2-5220041.html

I went to a security conference host by Microsoft yesterday and I ear about this technology. If your DHCP server is running Windows 2003, the server will run a software like MSBA on the computer for basic security. Look promissing.