In response to a request received at an authentication server from a client to enter a network, the authentication server transmits a network access control (NAC) request to the client using a NAC protocol. The NAC request includes an identifier (ID) identifying a trusted platform (TP) credential that represents integrity of at least a portion of software and hardware configurations of the client. In response to a NAC response from the client, the authentication server compares the first TP credential with a second TP credential stored in a storage associated with the authentication server. The authentication server allows the client to enter the network if the first and second TP credentials are matched; otherwise, the client is prevented from entering the network.