Sophos Brings Its NAC to the Endpoint

Sophos expands the features of its endpoint security product as it looks to gain ground against Symantec, McAfee and Trend Micro.

Sophos has integrated network access control into its latest endpoint security offering as it tries to catch up to key rivals in market share.

Earlier the week of March 17, the company released Sophos Endpoint Security and Control 8.0, incorporating NAC technology with anti-virus, anti-spyware, firewall, application control and host intrusion prevention technology in one product to block malware and ensure policy compliance.

With the release, the company is taking another step down the same road as its major competitors-Trend Micro, McAfee and Symantec-all of which have looked to similarly integrate multiple technologies in their endpoint security products. Sophos has been picking up steam in the market, but adoption of its products by enterprises remains relatively small.

"Our strategy is to give customers more value, solve more problems for customers, without asking them to put more agents and learn more software and use more tools from more vendors," said John Shaw, director of Endpoint Security and Control at Sophos.

At the heart of the latest release are the policy control and NAC capabilities Sophos acquired from Endforce in January 2007. Having NAC included in an endpoint product is the most effective way to keep the computers on a network healthy, Shaw contended.

"The challenge for people who are just playing at the network level is they don't have that software out on the agent," he said. "They don't have necessarily that software at the back end. They certainly don't have that software out on every computer ...The network [NAC] vendors still rely on security software that is like us, to do that job of assessing each computer and comparing it with a policy."

But to Gartner analyst Peter Firstbrook, it's not NAC that's most important, but the level of visibility into the client's health.

"The key is not really NAC," he said. "It is the improved ability to get a more holistic security snapshot of the state of the client that stands out. NAC is just an enforcement mechanism."

Users can manage the assessment, control and protection of all Windows, Mac and Linux computers from a single console, and the security dashboard gives visibility into the status of all computers, according to Sophos.

Despite the inclusion of NAC capabilities in Sophos Endpoint Security and Control 8.0, officials said the company has no plans to discontinue selling Sophos NAC Advanced, its stand-alone NAC product.