Nottingham City Council chooses Sophos NAC

March 11, 2008 Sophos Press Release

Nottingham City Council
IT administrators at Nottingham City Council can enforce policies over unsecured computers with Sophos NAC.

IT security and control firm Sophos today announced that it has signed a deal worth £250,000 to supply Nottingham City Council with its Network Access Control (NAC), Endpoint and Email Security and Control solutions.

The deployment will be rolled out across the council's entire network infrastructure and will protect more than 7,000 desktops against threats, such as malware and spam, as well as enabling the council to set and control access policies for employees and guests. By consolidating on Sophos across the whole organization, Nottingham City Council will benefit from integrated security defenses, greater efficiency and faster response times, as well as a single support contact.

Nottingham City Council is responsible for all local government services within the British city of Nottingham. The council works in partnership with many other organisations across the city, where it receives numerous visitors to its various offices each day. Currently, only desktops and laptops that are administered by Nottingham City Council are allowed access to the internet and the organization's network. Visitors' ability to work efficiently can be hindered as many cannot even check email or gain internet access.

To enable secure guest access to the network as well as mitigate against hacker and malware attacks, Nottingham City Council will install a NAC solution across its whole infrastructure. NAC can ensure that all visitors wishing to connect their laptops to the network will be granted appropriate access only if they meet the council's access policy, such as having up-to-date anti-virus running, as well as security patches and a firewall installed on their laptops. With more than 1,000 pre-defined applications and operating system patches, it is possible to check even those laptops that are running different security solutions to the Council's own. The NAC solution can also check and block guest computers that are running unauthorised programs, such as peer-to-peer (P2P) file sharing software, which could pose additional security risks to the organization.

"Our network contains sensitive data about hundreds of thousands of citizens, as well as confidential information about various government projects, so security is absolutely critical," said Dan Smith, principal network and security officer at Nottingham City Council. "We therefore needed to find a balance between safety and productivity - it is simply impractical not to allow any form of guest access. With NAC, we believe we've found the ideal solution as this will enable us to effectively control who and what is logging on to the network, and what they're able to access. We already have strong security arrangements in place and are looking to strengthen these and ensure that the authority maintains a manageable but resilient secure infrastructure."

Nottingham City Council has evaluated Sophos NAC Advanced and is now rolling out the technology to a test site of 100 users. NAC will gradually be deployed across the rest of the Council's network infrastructure to coincide with user migration over to Microsoft Active Directory. Sophos NAC Advanced includes extensive yet simple-to-use reporting capabilities, which will enable Nottingham City Council to easily define and enforce policies and user profiles. For example, reports will show the most common reasons that PCs are denied access to the network, as well as which groups, and indeed individuals, have the most non-compliant computers.

"For organisations like Nottingham City Council with thousands of employees and any number of visitors requiring access to the network, defending the organisation against attack and ensuring that data doesn't fall into the wrong hands can seem like a nightmare," said Andrew Bradshaw, vice president of Sophos UK. "A reputable NAC solution's job is two-fold: to guarantee that any visitor or employee computer accessing the network meets the company's security policy and that all machines access approved network areas only."

In addition to Sophos NAC Advanced, Nottingham City Council will also deploy Sophos to defend all its desktops, laptops, file servers and mobile devices, as well as protect against inbound and outbound email-borne threats. Around 80 percent of Nottingham City Council's offices have been using Sophos Anti-Virus for the last five years, with the remaining 20 percent running solutions from competitors including McAfee. The new deal will see Nottingham City Council consolidate on Sophos across the entire organization.

For businesses considering implementing NAC, Sophos and the Aberdeen Group have produced a whitepaper detailing best practice.