Global architecture practice gets the nac of security with Sophos

June 05, 2008 Sophos Press Release

Cox Group logo

IT security and control vendor Sophos Australia and New Zealand today announced a major deal with international architectural practice The Cox Group. The practice will deploy Sophos's integrated Network Access Control (NAC), Web Security, Email Security and Endpoint Security and Control solutions to protect its personnel and confidential intellectual property across seven cities in three countries.

In addition, Cox Group chose to engage the Sydney office of Sophos Professional Services specifically for the proof-of-concept, configuration, and implementation of the Sophos NAC software.

The system is currently being implemented internally by The Cox Group with technical support provided by Sophos. The solution was supplied by Sophos partner Corporate Express.

The Cox Group was established in Sydney in 1967 and has diversified and grown to become an international practice with offices in Sydney, Perth, Brisbane, Melbourne, Canberra, Beijing and Dubai. Its award-winning projects include Star City Casino, the new Hill Grandstand at the Sydney Cricket Ground and the United Arab Emirates University Campus in Al Ain.

The Cox Group is one of a growing number of users to deploy Sophos NAC Advanced, which is a software-based, vendor-neutral solution that provides the ability to control who and what is connecting to the network, and ensures all computers conform to a defined security policy. Sophos NAC controls attempted network access from any LAN or remote connection by employees and guests as well as unauthorised and non-compliant computers.

Sophos NAC Advanced provides The Cox Group with a highly cost-effective and capable solution that seamlessly integrates with its existing network infrastructure with zero disruption on users during deployment. Furthermore, the solution has minimal impact on users on an ongoing basis.

Asked why The Cox Group opted for Sophos NAC, Moreno Sartorello, National IT Manager, replied: "Our business requirements dictate that our widespread and sometimes mobile employees, and occasionally our customers and business partners, have access to the information and applications on our network.

"With that in mind, we wanted to ensure that any computer that accesses our network is fully compliant with our security policy in terms of up-to-date anti-malware protection. Also, that every PC, server and laptop has the latest Windows patches. If any machine is identified as non-compliant, we can then rectify the issue immediately, before our users, intellectual property and other data is put at risk.

"We're also going to use Sophos NAC to ensure every computer matches exactly to our standard operating environment, which includes Service Pack 2 on Windows XP, Windows Server 2003 and Exchange 2003.

"With Sophos NAC's detailed reporting, we can easily identify any user behaviour that attempts to circumvent our security policy, such as introducing an unprotected machine to our network. We can then automatically kick that computer off our network while it updates, and at the same time educate that employee about the policy."

A long-time user of Sophos's anti-malware protection on its PCs, laptops and servers, the practice will now also bolster its gateway security with Sophos's Email Security and Web Security appliances.

"We're deploying Sophos's WS1000 web security appliance to ensure our users can enjoy clean internet access," Sartorello continued. "By their nature, many of our architects and other employees are highly creative people who demand access to online resources and websites which many other businesses might block, such as Facebook and YouTube.

"We've taken the position that controlled access to these is OK, and we'll use Sophos's Web Security appliance to afford our users a greater level of protection against any website that is hosting malicious content."

Sophos's appliance solutions offer an ideal match for The Cox Group's computing environment.

"We simply plug the appliances in to our network, set up some easily-customised rules and we can then leave the appliances to scan our web traffic and emails knowing that they update with new rules and protection automatically in the background," Sartorello said.

Sartorello also cited Sophos's centralised management as the key component of the practice's security consolidation project:

"With Sophos, we will be able to manage every facet of our endpoint, gateway and network access security from a single console. Moreover, any of our three internal 'Sophos Champions' can administer that console from whichever office they're based in."

With offices located in five different time zones, Sartorello believes Sophos's comprehensive support operations provide the practice with significant peace of mind.

"Sophos is highly responsive no matter what time of day we call. Its 'follow the sun' approach to technical support ensures we can immediately access a live technical expert over the phone, or by email, if we have an issue that we don't have the time to sort out ourselves."

While technical support has the highest priority within Sophos and is available 24 hours a day, 365 days a year to all Sophos customers as part of their licence fee, The Cox Group has signed up for Sophos's Platinum Technical Support. This includes enhanced service levels with target response and escalation times as well as emergency onsite support.

Commenting on the new deal with The Cox Group, Sophos's Asia Pacific Managing Director, Rob Forsyth, said, "Sophos Network Access Control counters the risks involved with unauthorised endpoint computers attempting to connect to networks set up to enable businesses to compete in competitive global markets. The Cox Group will now be able to automatically enforce its security policies across widespread locations, while ensuring its intellectual property and users are protected at all times."