Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Sophos network protection for NHS trust

Sophos : 13 February, 2009  (Application Story)
UK health service group takes network access control product from Sophos to help prevent unknown computers from gaining access to its networks and sensitive data
IT security and control firm Sophos has announced that Great Yarmouth and Waveney NHS Primary Care Trust (PCT) in East Anglia has deployed Sophos NAC Advanced to defend against the risks of unknown PCs trying to access the network. In addition, Great Yarmouth and Waveney NHS' new NAC (Network Access Control) solution enables the Trust to ensure that all of its own PCs and laptops are up to date with security patches and anti-virus protection, as well as setting appropriate access levels dependent on the employee. The solution was provided by Sophos Platinum Partner, Foursys.

Great Yarmouth and Waveney NHS Primary Care Trust serves a population of more than 200,000. Given the rise in remote working and guests, including both contractors and patients, wishing to connect to the Trust's network either for work purposes or simply for browsing the web, Great Yarmouth and Waveney NHS needed a solution that would enable it to control this access and ensure that every device met a baseline of IT policies. After performing a risk assessment, the Trust decided that a NAC solution was the best fit for its needs.

The PCT consulted with Foursys, which provided presentations and demonstrations of Sophos NAC Advanced. Following this, it was clear to the Trust that the Sophos solution met all its requirements for a defence in depth model, providing a mechanism to simply control endpoint health and activity across the entire, physically dispersed network. Foursys deployed Sophos NAC Advanced throughout the PCT's headquarters and to all PCs on the corporate network. The Trust can now enforce its security policies on both its own and guest PCs and devices.

For example, all devices must now meet a minimum security standard before being allowed access, and in order to protect its data still further, the Trust has set controls over which systems, if any, each employee and guest is authorised to access.

"With so many Wi-Fi enabled devices around today, many organisations are finding it difficult to effectively control who and what is accessing their network," said Jonathan Hughes, VP Sophos UK. "Banning access outright risks negatively impacting productivity - many employees use their own hardware when working remotely, while visiting contractors or partners would be unable to use the internet and find the information they need. With NAC, Great Yarmouth and Waveney NHS Trust now has a flexible, yet secure, approach to managing its network, users and data."

Using Sophos NAC Advanced's flexible and phased deployment, the installation was successfully completed with no impact to end-users. The solution now monitors the status of anti-virus software, ensures patches and service packs are up to date on all machines and the firewall turned on. Any machines that deviate from this policy, whether they belong to the Trust, a member of staff or a guest, are isolated from the network and remediated to reduce any potential risk. Unknown devices seeking access are authenticated with a guest login, assessed to ensure they pose no threat, and are then provided with filtered access to the internet and prevented from accessing internal systems.

"Since implementing Sophos NAC Advanced, it has brought confidence and we now know that all endpoints are complying with our defined baseline policies," said Andrew Brinded, IT services engineer for the PCT. "Another key factor is that we also have the ability to ensure that an issue is immediately resolved. It gives us the ability to say: 'If you don't comply with our policies, you get placed in a bubble and can only talk to a subset of the devices on the network'."

The Trust was so impressed with the immediate benefits delivered by Sophos NAC Advanced that it now has plans to roll it out across its GP and community sites - more than 50 sites in total. This next stage of the deployment will also include the installation of Utimaco SafeGuard.

"For healthcare organisations like Great Yarmouth and Waveney NHS Primary Care Trust, it's essential that their networks are fully defended against any potential risk," said Stuart Wright, senior network access consultant at Foursys. "For these high risk projects, the customer needs to be confident that they're partnering with a company that is not only knowledgeable, but that will also take every precaution to minimise the risk."
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo