Making NAC easy and affordable
Sophos Endpoint Security and Control 8.0 integrates Sophos NAC (network access control) with comprehensive endpoint protection and brings the benefits of NAC without the cost of a complex deployment or additional software license cost.

 Delivers NAC and anti-virus in one
 Blocks unwanted and unprotected computers
 Deploys easily using existing infrastructure
 Extends endpoint security at no extra cost

Making network access control easy and affordable
Endpoint Security and Control 7.0 already delivers cross-platform security and control for your desktops, laptops, file servers and mobile devices - for complete protection against viruses, spyware and adware, and control VoIP, IM, P2P and games.

Endpoint Security and Control 8.0 adds the security benefits of Sophos NAC, is simple to deploy across your existing network, and won't stretch your security budget.

Block unwanted and unprotected computers
Endpoint Security and Control 8.0 identifies managed, unmanaged and guest computers that do not comply with your security policy. Endpoints are assessed, for example, by looking for those that are incorrectly patched or have the firewall disabled. You can choose to configure automatic remediation to fix vulnerabilities before allowing network access or simply block non-compliant computers.

Eliminate complexity and cost from NAC
Our simplified approach drives down the cost of implementing NAC, with no additional hardware investment required and simple steps that automate control. One automated console provides a single point from which to deploy, update and report on anti-virus, anti-spyware, firewall, and NAC protection. Thousands of Windows, Mac and Linux computers can be managed from a single console.

Ensure faster, preventative protection
By combining NAC to prevent infected or unprotected computers from joining the network with the unique proactive intrusion-prevention technologies delivered today by Endpoint Security and Control 7.0, Sophos prevents new and unknown threats compromising your security.

New NAC features

• Block unprotected computers
• Overlays on existing network
• Managed by Enterprise Console
• Centralized web-based policies
• Automatic and user remediation
• Over 400 predefined assessments
• Reports on compliance
• Pre/post-connection assessment
• Dissolvable agent for guests
• Four steps that make Sophos NAC for Endpoint Security easy
• Sophos Enterprise Console provides a single point from which to quickly and easily deploy, update and report on anti-virus, anti-spyware, firewall, and NAC protection.

Step 1: Choose a pre-defined policy or define your own
You can simply choose from predefined policies for both managed and unmanaged endpoints or define your own through the intuitive, centralized web-based policy definition engine.

Step 2: Assess managed and guest computers for vulnerabilities
Computers are assessed against over 400 predefined security application configurations. Managed computers are assessed both pre- and post-connection, and a web-based dissolvable agent enables pre-connection assessment of guests. A report then identifies those computers that are or aren't compliant with your chosen policy.

Step 3: Remediate automatically to ensure policy compliance
At this stage, you can skip to Step 4 and enforce control, or use Sophos NAC to automatically fix non-compliant computers. Instructions can be provided directly to end users, or the system enables automatic remediation - for example, the initiating of Windows updates to download the latest patches.

Step 4: Enforcement blocks unwanted and unprotected computers
Once compliance is achieved, the administrator can switch on enforcement to stop unknown and unauthorized computers from connecting and ensure non-compliant computers are quarantined. All cases of non-compliance with security policy are logged to ensure regulatory compliance and IT governance needs are met.