Sophos NAC Advanced v3.2.2
September 01, 2010
£8.50 per user per year for 1,000 seats (minimum three-year contract)
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Reporting, customisable policy templates, DHCP integration capabilities
- Weaknesses: Subscription-based pricing may be costly for larger enterprises
- Verdict: Decent NAC solution for managing patch, AV and firewall compliance on endpoints
Sophos NAC Advanced v3.2.2 is a software-based offering providing central management for policy, assessment, reporting/auditing/alerting, mitigation and enforcement by user group, through integration with both Active Directory and LDAP.
Installation requires quite a bit of preparation and configuration. Setup of the NAC Advanced Compliance Application Server is a fully scripted install. A typical customer installs the Sophos NAC Advanced Compliance Manager on a dedicated Windows Server 2003/2008 Enterprise edition. You can use the SQL database or have a separate SQL 2005/2008 database running on dedicated servers.
The solution supports a combination of agent-based enforcement for managed endpoints and DHCP-based enforcement for unmanaged endpoints. There is also a web agent that is downloadable as a dissolvable Java component and support for 802.1X.
Both pre- and post-authorisation of managed endpoints is included. Pre-authorisation is available for guest endpoints when using the dissoluble Java agent. It can also provide NAC for IPsec and SSL VPNs.
Sophos NAC Advanced includes pre-defined compliance detections for almost 800 applications, as well as over 1,600 OS patch detections. This provides over 2,400 predefined detections for inclusion within policy with just a simple click of the mouse. The roll up concept from groups, policies and profiles can be complicated at first but once you get the concept, this becomes a very comprehensive policy tool, delivering multiple levels of compliance. Numerous templates are available to help create enforcer templates.
The reporting and alerting capabilities are very detailed. Compliance level details are readily available and a compliance dashboard clearly displays the overall status of the user population. There are very detailed drilldown capabilities from the high-level reporting dashboard. Full audit logging for all system access and changes are available. Alerting is very flexible and the configuration is through an easy-to-use drop-down menu.
Standard 24/7 phone, email and web support is included with the product. There are upgraded support options available for a 15 and 25 per cent upgrade.
Sophos NAC Advanced takes some time to get running but is easy to manage once set up.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry