Saturday July 4, 2009 4:31 PM AEST

SC Magazine Australia/NZ > Reviews > Access Control > Network Access > Sophos NAC Advanced

Vulnerability Alerts

SANS

Microsoft

MS09-022 - Critical: Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501) - Version:1.1
MS09-021 - Critical: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (969462) - Version:1.1

CERT/CC

Latest Comments

"Thank you "

on Search engine promises completely private surfing

by Dr. Holub | Jul 4, 2009 11:17 AM

"Agree that wireless hotspots are an easy way for hackers to gather information from connected ..."

on New devices make hotspots a hacker's paradise

by Patrick Hooper | Jul 3, 2009 4:06 AM

"Katarzyna what has this got to do with Symantec?? "

on Mobile phone directory service faces consumer uproar

by PaulC | Jul 2, 2009 12:55 PM

"Hi Nadim, I'm the chief marketing officer at Ounce Labs, and I disagree with your statement. ..."

on Ounce Labs 5.0

by Jennifer Sullivan | Jun 30, 2009 11:56 PM

"noobs!"

on Australia shows poor resistance to phishing

by webappsec | Jun 30, 2009 4:53 PM

Network Access

Sophos NAC Advanced

Product Info

Supplier:

Sophos

Price:

USD$14

Product Rating

Features:

Ease of use:

Performance:

Documentation:

Support:

Value for money:

Overall Rating:

For: An elegant solution, does not place undue burden on the admin. Against: The per seat pricing may make the cost prohibitive for some. Verdict: A great balance between ease of use and security. Free lifetime support elevates this tool to the Recommended category.

By Justin Peltier
Jul 22, 2008 1:35 PM
Tags: Sophos | NAC | Advanced

The Sophos NAC Advanced product is a well-designed offering which balances the need for ease of administration with network protection.

The Sophos NAC Advanced product is a well-designed offering which balances the need for ease of administration with network protection.

It uses a Windows 2003 Server with SQL installed as a platform for the software-based offering. There are two ways to deploy the NAC tool.

First is an agent-based install where a client is loaded onto each machine. The second method uses a web browser and an ActiveX control.

If the client uses the dissolvable (web) agent or the software agent, the policy is pulled from the Sophos configuration interface, which resides on the Windows 2003 server.

Setting up policies is quite easy. A sample policy might require Windows XP to have Service Pack 2 installed with all of the associated hotfixes, the Sophos Anti-Virus 6 running, and with updated DAT files, and also the Sophos personal firewall installed and running.

If the client fails to meet those criteria, the machine can be placed in either a partially compliant state, or, if more controls are missing, the device will be placed in a non-compliant state.

The tool has three methods for enforcing the network policy should a device be placed into a non-compliant state.

The first is to work with a Microsoft or Lucent Dynamic Host Configuration Protocol (DHCP) server to assign an address, which only allows the client to have access to the remediation server and the internet.

The second is to use 802.1x to assign the non-compliant machine to a VLAN, which places the machine in quarantine. The third is to work with the Cisco NAC platform to further restrict access.

Sophos includes 24/7/365 support to all users with no additional charge.

Pricing is based on per seat licensing. The per-seat fees are US$14 per user per year with a minimum of 1,000 seats.

This places the offering in the middle to upper range in this Group Test, but when free lifetime support is added, the offering is very affordable.

See original article on SC Magazine US

Secure Computing Magazine

Ads by Google

Thoughts on this article? Add a comment below.

Be the first to comment on this article.

Report this comment as offensive:

* Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.

Name:

Email:

(will not be displayed)

Comment:

(HTML not permitted)

Validation

Enter the code you see below:

Exclusive Data Centre - Sponsored Content by Microsoft

Most Read
Most Discussed
Latest News

Access Control Whitepapers

Sophos NAC Advanced

SC MAGAZINE SITEMAP

CATEGORIES

News

Alerts

Products

Stats

Blogs

Photo Galleries

Whitepapers

Events

Jobs

Downloads

Vulnerabilities & Exploits

Breaches & Exposures

Messaging

Mobile

Access Control

Biometrics & Forensics

Legal

Risk Management

Job Centre

Patch Management