Comprehensive endpoint network-layer security
I'm not sure what the exact verbiage is to describe what I'm looking for so forgive me. But I'm looking for a solution for a small-ish office (think ~25-50 person SMB). The staff use laptops and those come in and out of the office continually. I see no reason to trust a device that has left the network and come back with who-knows what on it. There must be a solution out there that:
Isolates unknown/known-but-untrusted devices joining the network via WiFi or Ethernet (so integration with 802.1X, perhaps?), segregating them to an isolated network.
Asks the endpoint to meet compliance by e.g. updating local threat definitions, running a scan and submitting the results back to the onsite appliance or cloud device.
Then allowing (or not!) the device to join whatever network it should be on - and again, that would be a different network for known-trusted devices or staff versus unknown devices, guests etc.
This exists, right?
