- 1
- 2
- < previous
This combination of pre- and post-access awareness allows the end-point agent to adjust to dynamic changes in policies as well as to changes in the host system's compliance over time. You can also create profiles for custom applications, so if you require specific configurations of custom applications Sophos will allow you to alert and report on those characteristics.
Policy creation and modification is the most complex aspect of policy-based management. Current systems tend to provide detailed and therefore complex views of policies. This is the area ripest for significant improvement in manageability and a breakthrough in human interface design. The inclusion of one-button policies for typical requirements would be a good start.
Agent's-eye view
As I've emphasized in previous reviews, the reporting subsystem of a policy-based network is critical. It is the primary avenue for understanding the current state of your end points and infrastructure, and a key to the ongoing management of the entire network. The Sophos NAC Advanced system includes a comprehensive reporting system that provides both at-a-glance and in-depth reports for the knowledge that the system holds, such as overall compliance status and granular compliance reports based on application, policy, and assessment details.
The reporting system is effective, but it relies exclusively on information provided by the agents, so it has limited visibility into network activity as a component of the reports. By integrating Sophos NAC Advanced with an IDS/IPS, Sophos could extend the reach in an important direction, enabling identification of zero-day events and unexpected network activity to trigger alerting, quarantine, and administrator action. After such a discovery, hooks into an IDS/IPS could also be used to trigger a rescan by all agents to determine characteristics of the impacted systems.
Sophos has focused on providing a system that integrates with a broad range of Windows systems and an even broader range of network elements. The solution provides assessment and remediation for non-Sophos subsystems such as third-party anti-virus agents and other security components, and it integrates into standards-based environments such as 802.1x as well as more proprietary environments such as Cisco NAC.
Sophos NAC Advanced is a solid approach to protecting Windows systems in an enterprise environment. It's a good fit for organizations concerned mainly with the security status of Windows end points. With the growth of both Mac OS X and Linux in the enterprise, its current lack of support for these platforms may be an issue for those seeking to install policy-based networking. In addition, the product's focus on end points without engaging network components will leave at least some information unassessed in the process of applying and enforcing policy. Organizations aiming to gain granular control over both hosts and visibility into network traffic will need to look at integrating Sophos with network-based control systems or more network-oriented alternatives such as Cisco NAC.
- 1
- 2
- < previous
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #98: The Future of Datacentre IP 18/12/2008 10:33:00
CW Live speaks withLin Nease, Director of Emerging Business for HP ProCurve, to discuss the future of networks, including the effect of IP-based storage on datacentres, new capacity requirements generated by the use of 10Gb Ethernet, and how an efficient network design can slash energy and cooling costs, and help enterprises build a "green" image. - +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport.
IT industry veteran advises caution on outsourcing selection in light of Satyam problems 2009-01-09 21:45:00+11
F-Secure Warns About a Worm Affecting Corporate Networks 2009-01-08 16:42:00+11
Research software developer appoints Susan Dart to new Business Development Director role 2009-01-08 09:08:00+11
Research software developer appoints Susan Dart to new Business Development Director role 2009-01-08 09:08:00+11
Anyware Introduce Two Powerful PCI TV Tuner Cards with S5 Power Up and Windows Media Center Remote 2009-01-07 17:30:00+11
Everything you need to know about email and web security (but were afraid to ask)
What you don’t know can destroy your business. It’s hard to imagine modern business without the internet but in the last few years it has become fraught with danger. Read on to discover how internet security can give your business a competitive advantage.
