This post was written by Jason Stella
A study conducted by UK-based malware protection vendor, Sophos, using its NAC tool found that several companies are facing security lapses due to patch deployment failures, misconfigured firewalls and missing OS updates. According to Sophos, these lapses could be exploited by an attacker to gain access to critical systems. Sophos is using its NAC tool to try and get businesses to see the benefits of its network access control (NAC) appliances. The appliance monitors the network, scans and quarantines machines and devices at the endpoint. The scan can determine if the machine’s patches are up to date and whether it’s carrying any malware.
Read the full article here
On InfoWorld, Steve Hultquist says that the wide range of NAC (network access control) products on the market depicts a broad range of thinking about policy-based security controls and the management of the network in general, including the end-point devices that connect to the network. According to Hultquist, in accordance to vendors’ way of enforcing policies using various forms, Sophos took a decidedly open path to the system, allowing for integration with environments using a wide range of anti-virus agents, 802.1x, DHCP, Cisco NAC, and VPN methods of control and enforcement. Sophos NAC Advanced combines a Windows Server 2003-based policy management server with end-point agents, dissolvable agents, and reporting to deliver a compelling system for Windows-oriented environments.