Just as a good corporate system will allow access of any computer only after a sandboxed viewing of the system state to determine if you are running Antivirus, firewall and are not attemptiong to open any well known hacking ports the ISP's could make this a prerequisit to allowing actual connection to the web backbone. this would serve a multitude a purposes in one fell swoop and also allow us to have a reasonable point of entry screening.
Just like you are required to have a drivers license and a car in a reasonable state of repair to enjoy the public roadways in a responsible way you need a reasonably configured machine to access the public web.
ISP's would hate it because of additional cost/time but I am almost sure they could recoupe the investment in unused bandwidth taken up by botnet traffic and the like.