Sophos acquires network access control

Sophos has bought Endforce, a US developer of enterprise network access control (NAC) software, for an undisclosed sum.

Share

Sophos has bought Endforce, a US developer of enterprise network access control (NAC) software, for an undisclosed sum.

Corporations use tools such as those developed by Endforce to limit what kinds of device can connect to their network. Typical applications include preventing connection of unauthorised wi-fi base stations to a corporate LAN or ensuring that only laptops with fully patched operating systems can access network resources.

About 50 per cent of large organisations had already deployed NAC by late last year, according to US market analyst Infonetics Research. That proportion will grow to nearly 60 per cent by next year, with half of small and medium-sized organisations expected to follow suit by 2008, Infonetics said in a report published in November.

Although Sophos started life as an antivirus software developer, it has expanded its security offering for corporate customers through a string of recent acquisitions. Its range now includes application control and host intrusion protection.

Sophos plans to retain Endforce’s 60 employees, and will continue to develop and sell the Endforce product range under the Sophos brand, the vendor said.

The deal is a sign that NAC is coming of age and will add to the credibility of Sophos as a security vendor, according to Ovum analyst Graham Titterington.

He also speculated that Sophos might take advantage of Endforce’s strong position with larger customers.

“We believe that Sophos intends to maintain open interfaces to rival vendors’ products, it will clearly open up some attractive cross-selling opportunities for Sophos’ existing product range and raise Sophos’ market profile,” he wrote in an email comment.

Openness is a key issue in the network access control market. Two of the largest NAC vendors, Cisco Systems and Microsoft announced plans in September 2006 to make their competing systems interoperable, while the Trusted Computing Group, an association of 140 vendors, continues to gather support for its non-proprietary Trusted Network Connect (TNC) architecture for endpoint integrity and trusted network access control.

Find your next job with computerworld UK jobs