NAC Solutions
SOPHOS Network Access Control Overview
  Download the Product Brochure PDF (244Kb)
Key benefits
  • Enables easy identification and isolation of non-compliant computers
  • Assesses computer compliance proactively prior to network access and periodically during the network session
  • Defines security policies centrally
  • Enhances ROI of existing security applications and network infrastructure
  • Provides assessment options for managed and unmanaged computers with an installed agent or a web agent
  • Provides flexible deployment for phased enforcement (Report Only; Remediate; Enforce)
  • Simplifies the process for exempting devices (servers, routers, printers, etc) from network-based enforcement
  • Reports the state of a computer’s compliance over time
  • Responds rapidly to new, unforeseen threats using custom application creation and enforcement
  • Provides systematic enforcement of security compliance policies
  • Includes 24x7x365 support for the duration of the licence and Sophos can be contacted for one-to-one assistance at any time
Sophos NAC Advanced provides comprehensive and easy-to-deploy enterprise-ready network access control (NAC). It allows administrators to define and centrally manage security policies to identify and isolate all non-compliant, compromised or misconfigured computers accessing the corporate network. It seamlessly integrates with existing network infrastructures and security applications from a wide range of vendors.

Comprehensive, real-time enforcement of enterprise-wide network access control

  • An installed agent provides comprehensive compliance assessment and enforcement of managed computers, both prior to and during a network session.
  • A web agent provides comprehensive compliance assessment prior to network access for remote or LAN-based unmanaged computers, or on managed computers when an agent is not practical.
  • DHCP enforcement protects the network from unauthorised computers connecting to the corporate LAN using an enterprise’s existing DHCP infrastructure.
  • IEEE 802.1x enforcement stops unauthorised computers connecting to the LAN.
  • RADIUS enforcement protects the network from non-compliant laptops by providing enforcement prior to opening IPSec, SSL-VPN, or wireless connections.
Customisable central policy for all computers

  • An intuitive web interface offers extensive policy-building capabilities, flexible enforcement control and extensive reporting and alerting features.
  • Administrators can define and manage unique policies for detecting operating system patches, security applications and signature updates across all computers.
  • Scans can detect for installation, last engine scan date/time, signature file date/ time, running detection for processes, real-time protection status, and version/value
  • Administrators can choose whether unauthorised or non-compliant computers are isolated, quarantined for remediation, automatically remediated or sent alerts.
  • Policies can be customised to ensure no unwanted applications are run.
  • A customisable landing page provides immediate, easy-to-view NAC compliance statistics.
  • Custom application creation and enforcement enables administrators to respond rapidly to unforeseen threats.
  • Point-and-click contextual operating system patch definitions save administrators hours of configuration time.
  • Simple, central policy mode control enables enforcement steps to be phased in - from Report Only, through Remediate, to Enforce - avoiding an all-or-nothing approach, and providing optimum control and ease of policy deployment during each stage of implementation.


Software components

Server
  • Operating system:
    Windows Server 2003
  • Database:
    Microsoft® SQL 2000
Agent
  • Windows 98 SE
  • Windows 2000
  • Windows XP
  • Windows Server 2003
  • Windows Vista
Compatible network equipment
  • AlcatelTM
  • Aruba NetworksTM
  • Aventail®
  • Cisco®
  • Checkpoint®
  • Enterasys Networks
  • Extreme NetworksTM
  • Foundry® Networks
  • Hewlett-Packard
  • Infoblox®
  • Juniper NetworksTM
  • Lucent Technologies®
  • MetaInfo®
  • Nortel®
  • Novell
  • RSA Security®
  • Sun Microsystems
  • 3Com CorporationTM
Easy to implement with existing network infrastructures and security applications
  • A comprehensive range of predefined applications, including more than 400 security applications and over 600 operating system patches, ensures Sophos NAC Advanced seamlessly interoperates with all major security vendor solutions.
  • Its software-overlay architecture ensures Sophos NAC Advanced fits within the existing network infrastructure, e.g. switches, VPN concentrators, DHCP servers and enterprise user stores.
  • Easy to implement, Sophos NAC Advanced does not require significant changes to existing hardware or user groups.
Comprehensive alerting, reporting and auditing
  • Powerful audit and reporting capabilities enable administrators to monitor and manage compliance, and any changes made to the policy.
  • Access to real-time and historical data enables sophisticated analysis, reporting and trending information.
Industry-leading expertise 24/7
  • Our 24/7 customer support operation is highly acclaimed, while SophosLabsTM, our global network of threat and spam analysis centres, provides a rapid response to emerging and evolving threats.
Languages available
  • English
Sophos is a world leader in IT security and control. We offer complete protection and control to business, education and government organisations - defending against known and unknown malware, spyware, intrusions, unwanted applications, spam, and policy abuse, and providing comprehensive network access control (NAC). Our reliably engineered, easy-to-operate products protect over 100 million users in more than 150 countries. With over 20 years’ experience and a global network of threat analysis centres, the company responds rapidly to emerging threats and achieves the highest levels of customer satisfaction in the industry. Sophos is a global company with headquarters in Boston, MA, and Oxford, UK.


For further information on Sophos products, please speak to one of our sales representatives.
Telephone 0800 777-001 or e-mail Sales@sss.co.nz to request advice, brochures or pricing information.

© Copyright 2002 - 2008 Scientific Software and Systems Limited
Back to SSS Home Page