The wide variety of so-called NAC (network access control) products on the market shows a broad range of thinking about policy-based security controls and the management of the network in general, including the end-point devices that connect to the network. Some vendors enforce policies using a client agent, some enforce them in the network, and some even use peers for enforcement. Network-based enforcement itself can take many forms, including dedicated gateway, DHCP manipulation, 802.1x authentication, and port- and VLAN-based enforcement on switches.
In short, there are many ways to skin the NAC cat.
Considering Sophos' extensive background in managing the security of host systems, you might expect its NAC solution to make use of agent-based enforcement, and you'd be right. However, Sophos also took a decidedly open path to the system, allowing for integration with environments using a wide range of anti-virus agents, 802.1x, DHCP, Cisco NAC, and VPN methods of control and enforcement.
Sophos NAC Advanced combines a Windows Server 2003-based policy management server with end-point agents, dissolvable agents, and reporting to deliver a compelling system for Windows-oriented environments. Although Sophos offers anti-virus software for Mac OS X and Linux as well as Windows, this first release of Sophos NAC Advanced is focused strictly on assessment and policy management for Windows end points.
Policy is king
As in my previous reviews of solutions from ConSentry, Enterasys, McAfee, Symantec, and Trend Micro, I looked at the Sophos product's ability to address a set of typical enterprise policies and distinguish the ways in which the product does that. When choosing among NAC solutions, the key is to consider your requirements from within the universe of possible policies, especially in terms of the granularity of both the policies and their enforcement. You will also want to consider how (and how frequently) you want to interact with the system and whether ease of policy creation, policy modification, or reporting are your most vital requirements.
Sophos takes a hierarchical approach to policies. Using a straightforward Web-based GUI, admins create a hierarchy of profiles, with each policy comprising one or more profiles plus the defined outcome for compliant, partially compliant, and noncompliant systems. Sophos allows policies to be run in report-only, remediate, or enforcement mode. This flexibility is especially useful during the introduction of new policies into the system, and provides for a transition as you determine the compliance of the end points in your environment.
You can create profiles for the operating system (at least one of which is required for every policy), for applications (both security components such as anti-virus and user applications such as Internet Explorer), and for the patches to each of them. You then assemble these profiles into policies that outline the required OS patch level, anti-virus application and signature currency, and firewall application and settings. The policy definitions also include the resulting access available to the end point and any alerting necessary. In addition, you specify how frequently the agent on each end point will check for updates to the policy, assess and reassess the host system for compliance, and communicate with the reporting system.
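The policy structure described above, sketched as an added Python example (not Sophos code or its configuration format): profiles roll up into a policy, and the policy's mode decides whether a failed check changes the end point's access. The three-way compliance rule, the effect of each mode, and all names and sample values are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Callable

MODES = ("report-only", "remediate", "enforce")

@dataclass
class Profile:
    kind: str                       # "os", "application" or "patch"
    name: str
    check: Callable[[dict], bool]   # True when the end point satisfies it

@dataclass
class Policy:
    name: str
    profiles: list
    outcomes: dict                  # compliance state -> access when enforcing
    mode: str = "report-only"

    def __post_init__(self):
        if self.mode not in MODES:
            raise ValueError(f"unknown mode: {self.mode}")
        # The review notes that every policy needs at least one OS profile.
        if not any(p.kind == "os" for p in self.profiles):
            raise ValueError("policy requires at least one OS profile")

    def assess(self, endpoint: dict) -> dict:
        failed = [p.name for p in self.profiles if not p.check(endpoint)]
        if not failed:
            state = "compliant"
        elif len(failed) == len(self.profiles):
            state = "noncompliant"          # assumption: every profile failed
        else:
            state = "partially compliant"   # assumption: only some failed
        # Assumption: only enforce mode restricts access; other modes observe.
        access = self.outcomes[state] if self.mode == "enforce" else "full"
        fixes = failed if self.mode in ("remediate", "enforce") else []
        return {"state": state, "failed": failed,
                "access": access, "remediate": fixes}

def build_policy(mode: str) -> Policy:
    """Constructed policy: OS patch level, anti-virus currency, firewall."""
    profiles = [
        Profile("os", "os-patch-level", lambda e: e["os_patch_level"] >= 3),
        Profile("application", "av-signatures", lambda e: e["av_signature_age_days"] <= 7),
        Profile("application", "firewall-on", lambda e: e["firewall_enabled"]),
    ]
    outcomes = {"compliant": "full", "partially compliant": "quarantine",
                "noncompliant": "deny"}
    return Policy("corp-laptops", profiles, outcomes, mode)

# Constructed end point: patched and firewalled, but stale anti-virus signatures.
LAPTOP = {"os_patch_level": 3, "av_signature_age_days": 12, "firewall_enabled": True}
```

Assessing `LAPTOP` under each mode in turn shows why a staged rollout matters: the compliance state is the same every time, but only the enforce-mode policy changes what the end point can reach.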