Before you can configure network access for a device, Network Access Control (NAC) must be
enabled in Sophos Mobile Control.
For on-premise installation, NAC is enabled by the super administrator. See the Sophos Mobile Control super administrator guide.
For Sophos Mobile Control as a Service, NAC is always enabled.
There are two options to configure network access for a device:
- Allow or deny network access unconditionally.
- Disable network access when the device violates a compliance rule, enable network access otherwise.
Note: Sophos Mobile Control does not control the network access by itself. Instead, it
provides a Deny network status that can be used by external NAC software like
Sophos UTM to block network communication.
To configure network access for a device:
On the menu sidebar, under MANAGE, click
On the Devices page, select the devices for which you want
to set the network access mode.
Click Actions, and then click Set network
Select the network access mode:
- Allow: Network access for the selected devices is
- Deny: Network access for the selected devices is
- Auto mode: Network access for the selected
devices is based on the compliance status of the devices.
Click Yes to save the changes.
For information on how to configure network access in compliance rules, see Create compliance rules