Sophos has announced NAC 3.0, a comprehensive network access control (NAC) solution for protecting against threats posed by unsecured computers. Giving IT administrators control over business partners, guests and employees accessing their network, NAC 3.0 does not require companies to change their existing network hardware infrastructure or existing security software solution.

Sophos NAC 3.0 combines assessment and reporting tools with comprehensive policy enforcement capabilities. Organisations can ensure security compliance even before users connect to the enterprise network, whether they are logging on by LAN, remote, wired, wireless, managed or unmanaged endpoints.

Some key functions include:

* Predefined assessments covering more than 350 security applications and more than 600 OS patches with point-and-click inclusion into policy;

* Rapid response to new and unforeseen threats using custom application creation and enforcement;

* Reports on the state of endpoint compliance over time as well as network access alerts;

* "Is current" functionality automatically updates anti-virus and anti-spyware applications, enabling administrators to set up a policy once and then forget about it; and

* Complete, flexible security policies.

"Finding a balance between easy network access and security is always a conundrum for system administrators. Historically, these two applications run independently, requiring more administration time and related training," says Christian Christiansen,  programme vice-president: Security Products & Services at  IDC.  "An integrated NAC solution strikes the necessary balance by protecting businesses' assets from malicious threats at all endpoints."

Designed with flexibility and ease of use in mind, Sophos NAC 3.0 is centrally managed through an intuitive web interface.  System administrators can create and manage policies that can be applied to employees, business partners, consultants and guests who may have access to the network.  Endpoints can be permitted or denied access to the network, automatically remediated, isolated, quarantined, messaged or exempted from policies.

"Organisations allowing visitors to attach unprotected PCs to their networks and users to turn off their firewalls after they have logged into the network are simply playing with fire," says Brett Myroff, CEO of master Sophos distributor, NetXactics. "Sophos's policy-driven software NAC solution stops insecure and non-compliant computers from connecting to your network. In addition, it prevents users from exposing networks to threats by stopping them from tampering with their security settings."