My assumption was that their "NAC" was a 100% client-based software NAC - no VLANS or routers involved. Since nobody corrected me within 5 minutes of my first post, it must be. :)
Under that assumption, I wouldn't expect a network team to care, nor can I imagine why a separate console is needed for management. Hence, my "poorly integrated" conclusion. Carl -----Original Message----- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Friday, May 23, 2008 4:27 PM To: NT System Admin Issues Subject: Re: Enterprise client security - Sophos vs. ??? I think this is probably actually a good thing - It means that you can dedicate the endpoint enforcement to your desktop/helpdesk team, and the network/sysadmin folks can do the NAC. On Fri, May 23, 2008 at 1:14 PM, Carl Houseman <[EMAIL PROTECTED]> wrote: > Ah, another well-integrated solution. I'll pass this along. > > thanks, > > Carl > > From: Alex Eckelberry [mailto:[EMAIL PROTECTED] > Sent: Friday, May 23, 2008 2:27 PM > To: NT System Admin Issues > Subject: RE: Enterprise client security - Sophos vs. ??? > > fwiw, the sophos solution is actually two seperate consoles -- you get the > endpoint console (win 32 app) and then there is a seperate console you have > to run (web based) for the nac portion. > ________________________________ > > From: Carl Houseman [mailto:[EMAIL PROTECTED] > Sent: Thursday, May 22, 2008 11:19 AM > To: NT System Admin Issues > Subject: Enterprise client security - Sophos vs. ??? > > Client is looking at Sophos " Endpoint Security and Control" as a > companywide standard and asking whether I have any alternatives. I've been > trying to steer them to Nod32 but looking at the Sophos and ESET websites, > it doesn't appear that ESET has an equivalent product. > > In particular, the Sophos product claims NAC capabilities, i.e. > > > Compliance reporting > > > Patch and vulnerability assessment > > > Enforcement > Translated, the Sophos product will verify that MS security patches are > being applied, and (presumably) shut down network access if something is > wrong (presumably shutting down access to everything BUT WSUS / WU servers > using its built-in firewall). > > It also claims the ability to block "unauthorized software such as IM, VoIP, > P2P and games." Don't see that in the ESET solution either. > > Any real world experience out there with "Endpoint Security and Control", > and if so, do you like it? Or alternatives that compete against this Sophos > product and do a better job? > thanks all, > > Carl ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
