Product Information

Sophos NAC Advanced v3.2.2

starstarstarstarstar

by Michael Lipinski September 01, 2010
Vendor:

Sophos, Inc.

Product:

NAC Advanced

Website:

http://www.sophos.com

Price

$14/user/year/1,000 seat minimum/three-year contract

RATING BREAKDOWN

  • Features:
    starstarstarstarstar
  • Ease of Use:
    starstarstarstar
  • Performance:
    starstarstarstarstar
  • Documentation:
    starstarstarstarstar
  • Support:
    starstarstarstarstar
  • Value for Money:
    starstarstarstar
  • Overall Rating:
    starstarstarstarstar

QUICK READ

  • Strengths: Reporting; customizable policy templates; DHCP integration capabilities.
  • Weaknesses: Subscription-based pricing may be costly for larger enterprises.
  • Verdict: Very nice NAC solution for managing patch, AV and firewall compliance on endpoints.
The Sophos NAC Advanced Compliance Manager v3.2.2 is a software-based offering providing central management for policy, assessment, reporting/auditing/alerting, mitigation and enforcement, by user group, through integration with both Active Directory and LDAP.

Installation requires quite a bit of preparation and configuration. The installation of the NAC Advanced Compliance Application Server is a fully scripted install. A typical customer installs the Sophos NAC Advanced Compliance Manager on a dedicated Windows Server 2003/2008 Enterprise Edition server. You can use the SQL database that loads with the install or have a separate SQL 2005/2008 database running on dedicated servers.

Sophos NAC Advanced supports a combination of agent-based enforcement for managed endpoints and DHCP-based enforcement for unmanaged endpoints. There is also a web agent that is downloadable as a dissolvable Java component. The product offers support for 802.1X. Both pre- and post-authorization of managed endpoints is included and pre-authorization is available for guest endpoints when using the dissolvable Java agent. Sophos NAC Advanced also can provide NAC for IPsec and SSL VPNs.

The tool includes pre-defined compliance detections for almost 800 applications, as well as more than 1,600 OS patch detections. This provides more than 2,400 pre-defined detections for inclusion within policy just by clicking the mouse.

The reporting and alerting capabilities of the solution are very detailed. Compliance level details are readily available. A compliance dashboard clearly displays the overall status of the user population.
Standard 24/7 phone, email and web support are included. There are upgraded support options available for a 15 or 25 percent uplift.

The product takes some time to get running, but is easy to manage once set up.

Related Group Test

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US