Product Information

Sophos NAC Advanced v3.2.2

starstarstarstarstar

by Michael Lipinski September 01, 2010
Vendor:

Sophos, Inc.

Product:

NAC Advanced

Website:

http://www.sophos.com

Price

$14/user/year/1,000 seat minimum/three-year contract

RATING BREAKDOWN

  • Features:
    starstarstarstarstar
  • Ease of Use:
    starstarstarstar
  • Performance:
    starstarstarstarstar
  • Documentation:
    starstarstarstarstar
  • Support:
    starstarstarstarstar
  • Value for Money:
    starstarstarstar
  • Overall Rating:
    starstarstarstarstar

QUICK READ

  • Strengths: Reporting; customizable policy templates; DHCP integration capabilities.
  • Weaknesses: Subscription-based pricing may be costly for larger enterprises.
  • Verdict: Very nice NAC solution for managing patch, AV and firewall compliance on endpoints.
The Sophos NAC Advanced Compliance Manager v3.2.2 is a software-based offering providing central management for policy, assessment, reporting/auditing/alerting, mitigation and enforcement, by user group, through integration with both Active Directory and LDAP.

Installation requires quite a bit of preparation and configuration. The installation of the NAC Advanced Compliance Application Server is a fully scripted install. A typical customer installs the Sophos NAC Advanced Compliance Manager on a dedicated Windows Server 2003/2008 Enterprise Edition server. You can use the SQL database that loads with the install or have a separate SQL 2005/2008 database running on dedicated servers.

Sophos NAC Advanced supports a combination of agent-based enforcement for managed endpoints and DHCP-based enforcement for unmanaged endpoints. There is also a web agent that is downloadable as a dissolvable Java component. The product offers support for 802.1X. Both pre- and post-authorization of managed endpoints is included and pre-authorization is available for guest endpoints when using the dissolvable Java agent. Sophos NAC Advanced also can provide NAC for IPsec and SSL VPNs.

The tool includes pre-defined compliance detections for almost 800 applications, as well as more than 1,600 OS patch detections. This provides more than 2,400 pre-defined detections for inclusion within policy just by clicking the mouse.

The reporting and alerting capabilities of the solution are very detailed. Compliance level details are readily available. A compliance dashboard clearly displays the overall status of the user population.
Standard 24/7 phone, email and web support are included. There are upgraded support options available for a 15 or 25 percent uplift.

The product takes some time to get running, but is easy to manage once set up.

Reviews For This Vendor

Related Group Test

Advertisement

How to Prevent Insider Threats!

POLL