Sophos

Quick product finder

Protect your sector

Education

Education
Protecting schools
and universities

Government

Government
Defending offices
across the globe

Service providers

Service providers
Keeping their
customers safe

Free tools

Alert services

Network Access ControlControl non-compliant, unauthorized, and guest computers

Sophos NAC Advanced is a software-based solution for endpoint assessment and control offering the most comprehensive and easy-to-deploy solution available. Sophos gives you the ability to control who and what is connecting to your network.

Flexible and simple policy creation

Sophos NAC Advanced management console’s extensive policy-building capabilities allow you to define security and acceptable use policies and enforcement actions for as many distinct user groups as you require. The central policy mode control enables you to phase enforcement steps as it makes sense for you – from Report Only, through Remediation, to Enforce – avoiding an all-or-nothing approach.  Sophos simplifies NAC policy creation by providing over 1000 predefined applications and operating system patches which you can include in policy with just a click of a mouse.

Comprehensive endpoint assessments

Sophos NAC provides both pre- and post-connect inspection of managed computers using our "always on" persistent agent as well as pre-connect inspection of all unmanaged endpoints with the use of our dissolvable agents. Assessments are extensible and include details of application installed, results of the last malware scan, operating system, service pack, and patch installation, file check, registry key, and running process.

Computers can be granted the appropriate level of access to your network based on multiple contextual factors including user role, access method, and endpoint assessment results. Non-compliant computers can be automatically corrected without quarantine, or quarantined for remediation when end user corrective action is required.

Robust compliance reporting and alerting

Reports include the overall compliance state of each user; details on each user’s session including the compliance status of each application on the computer; details on which computers have been quarantined due to non-compliance and why. Reports can be viewed in real-time to address immediate compliance needs, or with an historical perspective for trending purposes. Alerts can also be easily created to provide timely notification for compliance and enforcement status via e-mail and/or event logs.

Complete protection

Broad overlapping enforcement options including Agent-based, 802.1X, DHCP, Cisco NAC, and VPN can be used to provide complete enforcement coverage both before and during connection, protecting against threats posed by unauthorized, unknown, compromised or misconfigured computers. Sophos NAC Advanced is the proven solution for endpoint assessment and control, offering the only truly vendor neutral and completely software based NAC product which maximizes your existing investment and works with your existing network hardware.